Vulnerability Disclosure Program (VDP)
VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.
marqeta-vdp-public
3
In Scope
1
Out of Scope
In-Scope Assets (3)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| https://*.marqeta-dev.org | URL | No | ||
| https://*.marqeta.com | URL | No | ||
| https://*.marqeta.io | URL | No |
Out-of-Scope Assets (1)
| Asset | Category | Bounty | |
|---|---|---|---|
| https://community.marqeta.com | URL | No |
Scope Changes (20)
Mar 5, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | https://community.marqeta.com | URL | Out of Scope | 22:35 |
| Added | *.marqeta.com | URL | In Scope | 22:35 |
| Added | *.marqeta.io | URL | In Scope | 22:35 |
| Added | *.marqeta-dev.org | URL | In Scope | 22:35 |
| Added | https://community.marqeta.com | URL | Out of Scope | 22:35 |
| Added | *.marqeta.com | WILDCARD | In Scope | 22:35 |
| Added | *.marqeta.io | WILDCARD | In Scope | 22:35 |
| Added | *.marqeta-dev.org | WILDCARD | In Scope | 22:35 |
Feb 25, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | *.marqeta.com | WILDCARD | In Scope | 19:22 |
| Added | *.marqeta.io | WILDCARD | In Scope | 19:22 |
| Added | *.marqeta-dev.org | WILDCARD | In Scope | 19:22 |
| Added | https://community.marqeta.com | URL | Out of Scope | 19:22 |
| Added | *.marqeta.com | URL | In Scope | 17:21 |
| Added | *.marqeta.io | URL | In Scope | 17:21 |
| Added | *.marqeta-dev.org | URL | In Scope | 17:21 |
| Added | https://community.marqeta.com | URL | Out of Scope | 17:21 |
| Added | *.marqeta-dev.org | WILDCARD | In Scope | 17:21 |
| Added | https://community.marqeta.com | URL | Out of Scope | 17:21 |
| Added | *.marqeta.com | WILDCARD | In Scope | 17:21 |
| Added | *.marqeta.io | WILDCARD | In Scope | 17:21 |