Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

posthog-vdp-pro

BugcrowdView on Bugcrowd
RawAI Enhanced
4
In Scope
0
Out of Scope
Scope Changes (20)
Mar 5, 2026
ChangeAssetCategoryScopeTime
Addedhttps://github.com/PostHog/posthog.comURLIn Scope22:33
Addedhttps://github.com/PostHog/posthogURLIn Scope22:33
Addedhttps://us.posthog.com/URLIn Scope22:33
Addedhttps://posthog.comURLIn Scope22:33
Addedhttps://us.posthog.com/URLIn Scope22:33
Addedhttps://github.com/PostHog/posthog.comURLIn Scope22:33
Addedhttps://github.com/PostHog/posthogURLIn Scope22:33
Addedhttps://posthog.comURLIn Scope22:33
Feb 25, 2026
ChangeAssetCategoryScopeTime
Addedhttps://github.com/PostHog/posthogURLIn Scope19:16
Addedhttps://us.posthog.com/URLIn Scope19:16
Addedhttps://posthog.comURLIn Scope19:16
Addedhttps://github.com/PostHog/posthog.comURLIn Scope19:16
Addedhttps://us.posthog.com/URLIn Scope17:15
Addedhttps://github.com/PostHog/posthog.comURLIn Scope17:15
Addedhttps://github.com/PostHog/posthogURLIn Scope17:15
Addedhttps://posthog.comURLIn Scope17:15
Addedhttps://us.posthog.com/URLIn Scope17:15
Addedhttps://github.com/PostHog/posthog.comURLIn Scope17:15
Addedhttps://github.com/PostHog/posthogURLIn Scope17:15
Addedhttps://posthog.comURLIn Scope17:15