Limited-Time Bug Bounties

Introduction

In addition to our permanent bounties, we occasionally look to acquire other zero-day exploits that are outside our usual scope or for which we are temporarily increasing the payouts. In some cases, we may pay each bounty multiple times to acquire distinct exploits for the same software.


Current Temporary Bounties

Microsoft Outlook RCE

  • Status: Active
  • Target: Microsoft Outlook
  • Bounty: Up to $400,000
  • Start Date: 27 January 2022
  • End Date: TBD
Microsoft Outlook RCE

We are temporarily increasing our payout for Microsoft Outlook RCEs from $250,000 to $400,000. We are looking for zero-click exploits leading to remote code execution when receiving/downloading emails in Outlook, without requiring any user interaction such as reading the malicious email message or opening an attachment. Exploits relying on opening/reading an email may be acquired for a lower reward.



Mozilla Thunderbird RCE

  • Status: Active
  • Target: Mozilla Thunderbird
  • Bounty: Up to $200,000
  • Start Date: 27 January 2022
  • End Date: TBD
Mozilla Thunderbird RCE

We are looking for zero-click exploits affecting Thunderbird and leading to remote code execution when receiving/downloading emails, without requiring any user interaction such as reading the malicious email message or opening an attachment. Exploits relying on opening/reading an email may be acquired for a lower reward.



WordPress Pre-Auth RCE

  • Status: Active
  • Target: WordPress
  • Bounty: Up to $300,000
  • Start Date: 31 March 2021
  • End Date: TBD
WordPress RCE

We are temporarily increasing our payout for WordPress RCEs from $100,000 to $300,000. We are looking for pre-authentication exploits affecting recent versions of WordPress. The exploit should allow remote code execution, work with default installations and should not require any authentication or user interaction.




Expired Temporary Bounties

Chrome (RCE)

  • Status: Expired
  • Target: Google Chrome (RCE)
  • Bounty: Up to $400,000
  • Start Date: 14 September 2021
  • End Date: 31 December 2021
Google Chrome RCE

We are looking for remote code execution exploits affecting Google Chrome. The exploit should work with Chrome for Android, Windows, Linux and macOS, and support both 32-bit and 64-bit architectures. Full chains with remote code execution and sandbox escape are eligible for a $1,000,000 bounty.


Chrome (SBX)

  • Status: Expired
  • Target: Google Chrome (SBX)
  • Bounty: Up to $400,000
  • Start Date: 14 September 2021
  • End Date: 31 December 2021
Google Chrome SBX

We are looking for sandbox escape exploits affecting Google Chrome. The exploit should work with Chrome for Android, Windows, Linux and macOS, and support both 32-bit and 64-bit architectures. Full chains with remote code execution and sandbox escape are eligible for a $1,000,000 bounty.


VMware vCenter

  • Status: Expired
  • Target: VMware vCenter Server
  • Bounty: Up to $150,000
  • Start Date: 5 July 2021
  • End Date: 31 December 2021
VMware vCenter Server RCE

We are looking for pre-authentication exploits affecting recent versions of VMware vCenter Server. The exploit should allow remote code execution, work with default installations and default ports/services, and should not require any authentication or user interaction.


Pidgin

  • Status: Expired
  • Target: Pidgin
  • Bounty: Up to $100,000
  • Start Date: 1 June 2021
  • End Date: 30 September 2021
Pidgin RCE

We are looking for remote code execution exploits affecting recent versions of Pidgin on Windows and/or Linux. The exploit should work with default installations and should not require any user interaction other than reading a message.


ISPConfig

  • Status: Expired
  • Target: ISPConfig
  • Bounty: Up to $50,000
  • Start Date: 22 April 2021
  • End Date: 30 September 2021
ISPConfig RCE

We are looking for pre-authentication exploits affecting recent versions of ISPConfig. The exploit should allow remote code execution, work with default installations and should not require any authentication or admin interaction.


Moodle

  • Status: Expired
  • Target: Moodle
  • Bounty: Up to $25,000
  • Start Date: 15 June 2021
  • End Date: 31 August 2021
Moodle RCE

We are looking for pre-authentication exploits affecting recent versions of Moodle. The exploit should allow remote code execution, work with default installations and should not require any authentication or user interaction.


IceWarp

  • Status: Expired
  • Target: IceWarp
  • Bounty: Up to $60,000
  • Start Date: 15 June 2021
  • End Date: 30 June 2021
IceWarp RCE

We are looking for pre-authentication exploits affecting recent versions of IceWarp email server for Windows. The exploit should allow remote code execution on Windows, work with default installations and should not require any authentication or user interaction.


SAP NetWeaver

  • Status: Expired
  • Target: SAP NetWeaver
  • Bounty: Up to $50,000
  • Start Date: 26 August 2020
  • End Date: 30 September 2020
SAP NetWeaver

We are looking for pre-authentication RCEs or authentication bypass exploits affecting recent versions of SAP NetWeaver. The exploit should allow either remote code execution or authentication bypass, work with default installations and should not require any authentication or user interaction.

VMware ESXi

  • Status: Expired
  • Target: VMware ESXi
  • Bounty: Up to $500,000
  • Start Date: 5 March 2019
  • End Date: 30 June 2019
VMware ESXi

We are temporarily increasing our payout for VMware ESXi RCEs from $200,000 to $500,000. We are looking for guest-to-host escape exploits affecting recent versions of VMware ESXi. The exploit should allow VM escape (Windows or Linux VM) and work with default installations.