Bug Bounty Programs in Open Source Projects - Lessons from Implementation and Termination Cases
Bug bounty programs (vulnerability reward programs) are gaining attention as a means of ensuring security in open source software (OSS). However, not all OSS projects implement bug bounties.
This article investigates projects that implement bug bounties, projects that don’t, and projects that have recently terminated their programs, exploring the current state and challenges of OSS security.
OSS bug bounties are polarized. While Chrome/Android operated by Google pays up to $1 million, many prominent projects like Python, Git, and PostgreSQL provide no monetary rewards at all.
Three factors determine whether a project implements bug bounties:
The Google Chrome Vulnerability Reward Program, one of the longest-running programs in the industry, launched in 2010. In August 2024, bounties were raised significantly, paying up to $250,000 for high-quality reports demonstrating a sandbox escape combined with remote code execution.
Android Security Rewards (ASR) launched in 2015 and offers the industry's highest bounties.
| Target | Maximum Bounty |
|---|---|
| Titan M chip full escape | $1,000,000 |
| Titan M protected data leak | $500,000 |
| Lock screen bypass | $100,000 |
| Google app RCE (Mobile VRP) | $300,000 |
The Mozilla Bug Bounty Program is one of the oldest in the industry, launching in 2004.
| Severity | Reward Range (USD) |
|---|---|
| Critical (RCE, SOP bypass, etc.) | $3,000 - $20,000 |
| High | $3,000 - $10,000 |
| Medium/Low | $500 - $3,000 |
A rule unusual among programs splits the bounty when duplicate reports of the same issue arrive within 72 hours of each other.
Microsoft enhanced its program in 2025 to cover .NET and ASP.NET Core (including Blazor and Aspire), offering bounties of up to $40,000. GitHub Actions workflows and F# are also in scope.
The Kubernetes bug bounty is funded by CNCF (Cloud Native Computing Foundation) and operated on HackerOne. Made public in 2020, it covers a broad scope including Kubernetes core code, API server, kubelet, authentication bugs, privilege escalation, RCE, and supply chain.
Bounties range from $100 to $10,000 depending on severity (CVSS score), with the maximum reserved for Critical-class vulnerabilities.
WordPress operates a community program on HackerOne. Bounties range from $150 to $1,337+ depending on severity, with swag for minor issues. Automattic has sponsored the bounties since the program launched in 2017.
Internet Bug Bounty (IBB) is a pooled fund program launched in 2013, sponsored by Facebook, GitHub, Ford Foundation, and others.
Its key feature is that bounties are split 80% to the finder and 20% to the OSS project, so the maintainers who fix the vulnerability are compensated as well.
| Project | Scope | Notes |
|---|---|---|
| Node.js | Core runtime | Requires Signal reputation score 1.0+ (from January 2026) |
| Ruby on Rails | Framework core | $500 bonus for providing patches |
| Django | Framework core | Testing on djangoproject.com prohibited |
| OpenSSL | Crypto library | Bounty eligible via IBB |
Node.js introduced mandatory “Signal reputation score” requirements in January 2026. After triage operations were paralyzed by a surge in low-quality reports during the holiday period, they shifted to requiring a Signal score of 1.0 or higher from researchers.
Separate from traditional bug bounties for web services and software libraries, huntr.dev specializes in AI/ML (machine learning) models and their supply chains and is growing rapidly.
| Project Category | Examples | Base Bounty |
|---|---|---|
| ML Frameworks | PyTorch, Keras, transformers | $1,500 |
| Inference Engines | ONNX, TensorRT, vLLM | $1,500 |
| Data Science | NLTK, Jupyter, pandas | $900 - $1,500 |
| ML Ops | mlflow, kubeflow, airflow | $1,200 - $1,500 |
A distinctive feature is its dynamic pricing, which increases bounties up to 10x for vulnerabilities that enable read or write access to AI models or training data.
Companies built on OSS products are also actively implementing bug bounty programs.
GitLab started a private program in 2014 and made it public in December 2018. Bounties range from $100 to $35,000+.
Vercel, the developer of Next.js, launched a $1,000,000 bug bounty challenge in response to a critical vulnerability (CVE-2025-55182, CVSS 10.0) discovered in 2025.
The program was stood up urgently on HackerOne, offering $50,000 per unique technique that bypassed their WAF. It was one of the fastest program launches in HackerOne's history.
| Item | Details |
|---|---|
| Participants | 116 |
| Submitted reports | 156 |
| Validated techniques | 20 |
| Total payout | $1,000,000 |
| Attacks blocked | 6 million+ |
Supabase, rapidly growing as an open source Firebase alternative, operates a Vulnerability Disclosure Program (VDP) on HackerOne. Launched in late 2025, it covers api.supabase.com, database.dev, GitHub repositories, and MCP Server.
Note that the endpoint that accepts SQL queries (/platform/pg-meta/project_id/query) is designed to execute SQL, so SQL injection against it is out of scope; only reports demonstrating privilege escalation are considered valid.
Neon, providing serverless Postgres, launched their bug bounty program on HackerOne in March 2025. After 3 months as a private program, it went public.
| Severity | Bounty |
|---|---|
| Critical | $3,000 |
| High | $1,500 |
| Medium | $500 |
| Low | $150 |
The scope covers web applications and APIs, with focus areas in authentication, data protection, and API security. Both staging and production environments may be tested, and Stripe test cards allow researchers to exercise the various subscription scenarios.
Grafana Labs, the open source monitoring and visualization platform, launched their bug bounty program in May 2023. It’s operated through the Intigriti platform.
A notable feature is transparency: researchers are not required to sign NDAs, and findings can be freely published after release. Bounties are tiered by CVSS severity, with bonuses for high-quality reports and PoC submissions.
Multiple vulnerabilities were discovered and fixed through this program in 2025:
Sentry, the application monitoring platform, operates a private bug bounty program on HackerOne. New participants are not accepted directly: you must first submit a report by email and, if it is valid, you receive an invitation to the program.
They also run a separate “Cookie Bounty” program specializing in cookie-related vulnerabilities, paying $100 per valid report.
PostHog, the product analytics platform, does not offer monetary bounties. Instead, they express appreciation for valid vulnerability reports with swag.
They operate a Vulnerability Disclosure Program (VDP) through Bugcrowd and also accept reports at security-reports@posthog.com. They ensure security through annual penetration tests (the latest in May 2025) and SOC 2 audits.
The Apache Software Foundation has an organization-wide policy of not offering bug bounty programs.
While they acknowledge reporters by listing their names in advisories, they don't provide monetary rewards. As an alternative, some Apache projects are eligible for bounties through HackerOne's Internet Bug Bounty.
As a non-profit organization, the Python Software Foundation does not run a bug bounty program. The PSRT (Python Security Response Team) accepts reports at security@python.org and supports OpenPGP-encrypted communication.
However, the PSF is registered as a CVE Numbering Authority (CNA) with the authority to issue CVEs, and the vulnerability management process itself is operated rigorously.
HashiCorp does not operate a public bug bounty program and does not offer monetary rewards for vulnerability reports. Their policy provides acknowledgment in security bulletins instead of monetary rewards.
Red Hat does not participate in or sponsor bug bounty programs. secalert@redhat.com is the reporting channel, with guaranteed acknowledgment within three working days.
Red Hat is registered as a major CVE-issuing authority (CNA/Root/CNA-LR) and emphasizes coordinated vulnerability management with the open source community.
The PostgreSQL Global Development Group has consistently maintained a policy of not implementing bug bounty programs. They officially state: “Please note that the PostgreSQL Project does not offer bug bounties.”
The primary reason is concern that monetary incentives would bring a flood of "low-quality reports": false positives from automated scanning tools, DMARC configuration issues, and simple misconfigurations that pose no real threat, all of which would waste development resources.
The Git version control system asks that vulnerabilities be reported to git-security@googlegroups.com. As a purely community-driven project without funding, it follows a coordinated disclosure process.
The Linux Kernel is another prominent example without an official bug bounty program. The Linux Foundation states: “Otherwise, please do not expect that you’ll be paid for a vulnerability report, as we have limited resources.”
However, Google effectively provides kernel bounties through its kCTF and kvmCTF programs.
OpenSSH is developed as part of the OpenBSD project, whose security philosophy emphasizes "design that doesn't tolerate vulnerabilities" over "finding vulnerabilities." Through privilege separation, sandboxing, and modern memory-management techniques, they maintain a structure in which a single bug does not lead to full system compromise.
SQLite is developed by a small team centered on D. Richard Hipp. A distinctive feature is its responsiveness: issues are typically fixed within hours of discovery.
The development team is critical of the CVE system, arguing: “Very few CVEs written about SQLite are real vulnerabilities in the sense that they do not give any new capabilities to an attacker.”
For projects without bug bounty programs, AI-automated vulnerability discovery presents both a threat and an opportunity.
OpenSSL had no bug bounty program for years, but in 2025, multiple unknown vulnerabilities were discovered and reported using AI-powered autonomous analysis tools. Many of these vulnerabilities had reportedly been overlooked by human researchers for years.
When a bug bounty program goes public, reports flood in from researchers worldwide, but many are duplicates or invalid.
Many OSS maintainers are volunteers who become frustrated when development time is consumed processing bug bounty reports. The flood of AI-generated reports risks driving maintainers toward security apathy or project abandonment.
cURL operated a bug bounty on HackerOne from 2019, paying out over $100,000 for 87 vulnerabilities over approximately 5 years.
However, the bug bounty program was terminated at the end of January 2026.
The primary reason for termination was the explosive increase in low-quality vulnerability reports generated by AI (so-called “AI slop”).
The developers determined that maintaining the program had become counterproductive and ended both bounty payments and HackerOne intake. Vulnerability reporting has been consolidated into GitHub's vulnerability reporting feature and email.
cURL developer Daniel Stenberg explained the termination: “We suspect the idea of getting money for it is a big part of the explanation. It brings in real reports, but makes it too easy to be annoying with little to no penalty to the user.”
| Project | Bounty | Max Bounty | Platform | Start Year |
|---|---|---|---|---|
| Android | ✅ | $1,000,000 | Google proprietary | 2015 |
| Chrome/Chromium | ✅ | $250,000 | Google proprietary | 2010 |
| Firefox | ✅ | $20,000 | HackerOne | 2004 |
| Kubernetes | ✅ | $10,000 | HackerOne | 2020 |
| WordPress | ✅ | $1,337+ | HackerOne | 2017 |
| Node.js/Rails/Django | ✅ | IBB partnership | HackerOne | 2013- |
| Project | Bounty | Max Bounty | Platform | Start Year |
|---|---|---|---|---|
| Vercel | ✅ | $50,000/technique | HackerOne | 2025 |
| GitLab | ✅ | $35,000+ | HackerOne | 2014 |
| Neon | ✅ | $3,000 | HackerOne | 2025 |
| Grafana Labs | ✅ | CVSS-based | Intigriti | 2023 |
| Sentry | ✅ (Private) | — | HackerOne | — |
| Supabase | VDP | — | HackerOne | 2025 |
| PostHog | VDP | Swag only | Bugcrowd | — |
| Project | Bounty | Max Bounty | Platform | Year |
|---|---|---|---|---|
| cURL | ❌ (Terminated) | — | — | 2019-2026 |
| PostgreSQL | ❌ | — | — | — |
| Python | ❌ | — | — | — |
| Git | ❌ | — | — | — |
| Apache | ❌ | — | — | — |
| Terraform | ❌ | — | — | — |
| Ansible | ❌ | — | — | — |
| OpenSSH | ❌ | — | — | — |
Bug bounty program implementation in OSS projects is polarized based on project funding, governance models, and security philosophy.
The cURL case highlighted bug bounty challenges in the AI era:
Bug bounties are not a silver bullet. In an era where AI enables vulnerabilities to be found “cheaply and quickly,” what matters is not finding bugs but “the economics of fixing”—how efficiently to fix discovered bugs and rapidly deliver fixes across the ecosystem.
Models like IBB’s 80/20 split, rewarding both finders and fixers, will be the sustainable foundation supporting OSS security going forward.
Regardless of monetary rewards, establishing dedicated reporting channels and coordinated disclosure processes is fundamental to modern OSS security. For guidance on security policy development, please refer to:
That’s all from the Gemba.