BugHunters — The #1 Bug Bounty Platform

Live

Discover vulnerability bounties from 45+ leading companies. Find bugs, earn rewards, and help secure the world's most critical software. From DeFi protocols to Big Tech — your skills matter.

Explore Programs Submit a Report

Total Bounties Paid

$176.6M+

Active Programs

Top Researchers

2,450+

Bugs Resolved

14,667

Featured Programs

View all

Google

Cloud/SaaS

Up to $31,337

24 active bounties · $12,400,000 paid

Microsoft

Cloud/SaaS

Up to $250,000

31 active bounties · $18,200,000 paid

Apple

Cloud/SaaS

Up to $2,000,000

18 active bounties · $20,000,000 paid

Stripe

Fintech

Up to $50,000

11 active bounties · $4,100,000 paid

Coinbase

Crypto/DeFi

Up to $250,000

19 active bounties · $6,700,000 paid

Uniswap

Crypto/DeFi

Up to $500,000

9 active bounties · $3,200,000 paid

Cloudflare

Cloud/SaaS

Up to $50,000

15 active bounties · $3,400,000 paid

DexScreener

Crypto/DeFi

Up to $15,000

6 active bounties · $127,500 paid

Top Researchers

View all →

🥇0xShadow

$342,500

🥈chainBreaker

$281,000

🥉defi_hunter

$224,750

#4nullptr

$198,200

#5web3auditor

$175,800

Latest Open Bounties

View all →

Stored XSS via malformed Gmail attachment filename

Google · XSS

High

OAuth token leakage via redirect_uri mismatch in GCP console

Google · Authentication Bypass

High

Privilege escalation in Azure Active Directory via Graph API

Microsoft · Authorization Flaw

Critical

iCloud authentication bypass via manipulated recovery flow

Apple · Authentication Bypass

Critical

Instagram API IDOR leaking private profile data

Meta · IDOR

High