Program Removed
This program is no longer available on Bugcrowd. The scope data shown below is historical and may not reflect the final state of the program.
Vulnerability Disclosure Program (VDP)
VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.
ssa-vdp
12
In Scope
4
Out of Scope
In-Scope Assets (12)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| *.segurosocial.gov | URL | No | ||
| *.socialsecurity.gov | URL | No | ||
| *.ssa.gov | URL | No | ||
| segurosocial.gov | WILDCARD | No | ||
| socialsecurity.gov | WILDCARD | No | ||
| ssa cidr range 1 | CIDR | No | ||
| ssa cidr range 1 | OTHER | No | - | |
| ssa cidr range 1 | OTHER | No | - | |
| ssa cidr range 2 | CIDR | No | ||
| ssa cidr range 2 | OTHER | No | - | |
| ssa cidr range 2 | OTHER | No | - | |
| ssa.gov | WILDCARD | No |
Out-of-Scope Assets (4)
| Asset | Category | Bounty | |
|---|---|---|---|
| https://foia.ssa.gov | URL | No | |
| https://foia.ssa.gov | URL | No | |
| targets not expressly listed as in scope are out of scope | OTHER | No | |
| targets not expressly listed as in scope are out of scope | OTHER | No |
Scope Changes (50)
Jun 26, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Program Removed | — | — | — | 06:34 |
Jun 17, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | *.socialsecurity.gov | URL | In Scope | 11:37 |
| Added | ssa cidr range 1 | OTHER | In Scope | 11:37 |
| Added | ssa cidr range 2 | OTHER | In Scope | 11:37 |
| Added | targets not expressly listed as in scope are out of scope | OTHER | Out of Scope | 11:37 |
| Added | https://foia.ssa.gov | URL | Out of Scope | 11:37 |
| Added | *.ssa.gov | WILDCARD | In Scope | 11:37 |
| Added | *.segurosocial.gov | WILDCARD | In Scope | 11:37 |
| Added | *.socialsecurity.gov | WILDCARD | In Scope | 11:37 |
| Added | ssa cidr range 1 | OTHER | In Scope | 11:37 |
| Added | ssa cidr range 2 | OTHER | In Scope | 11:37 |
| Added | targets not expressly listed as in scope are out of scope | OTHER | Out of Scope | 11:37 |
| Added | https://foia.ssa.gov | URL | Out of Scope | 11:37 |
| Added | *.ssa.gov | URL | In Scope | 11:37 |
| Added | *.segurosocial.gov | URL | In Scope | 11:37 |
| Program Removed | — | — | — | 10:34 |
Mar 5, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | *.segurosocial.gov | WILDCARD | In Scope | 22:34 |
| Added | *.segurosocial.gov | URL | In Scope | 22:34 |
| Added | *.socialsecurity.gov | URL | In Scope | 22:34 |
| Added | ssa cidr range 1 | OTHER | In Scope | 22:34 |
| Added | ssa cidr range 2 | OTHER | In Scope | 22:34 |
| Added | targets not expressly listed as in scope are out of scope | OTHER | Out of Scope | 22:34 |
| Added | https://foia.ssa.gov | URL | Out of Scope | 22:34 |
| Added | targets not expressly listed as in scope are out of scope | OTHER | Out of Scope | 22:34 |
| Added | https://foia.ssa.gov | URL | Out of Scope | 22:34 |
| Added | *.ssa.gov | WILDCARD | In Scope | 22:34 |
| Added | *.ssa.gov | URL | In Scope | 22:34 |
| Added | *.socialsecurity.gov | WILDCARD | In Scope | 22:34 |
| Added | ssa cidr range 1 | OTHER | In Scope | 22:34 |
| Added | ssa cidr range 2 | OTHER | In Scope | 22:34 |
Feb 27, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | https://foia.ssa.gov | URL | Out of Scope | 19:40 |
| Added | https://foia.ssa.gov | URL | Out of Scope | 19:40 |
Feb 25, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | *.socialsecurity.gov | WILDCARD | In Scope | 19:17 |
| Added | targets not expressly listed as in scope are out of scope | OTHER | Out of Scope | 19:17 |
| Added | *.ssa.gov | WILDCARD | In Scope | 19:17 |
| Added | *.segurosocial.gov | WILDCARD | In Scope | 19:17 |
| Added | ssa cidr range 1 | OTHER | In Scope | 19:17 |
| Added | ssa cidr range 2 | OTHER | In Scope | 19:17 |
| Added | *.ssa.gov | URL | In Scope | 17:17 |
| Added | *.segurosocial.gov | URL | In Scope | 17:17 |
| Added | *.socialsecurity.gov | URL | In Scope | 17:17 |
| Added | ssa cidr range 1 | OTHER | In Scope | 17:17 |
| Added | ssa cidr range 2 | OTHER | In Scope | 17:17 |
| Added | targets not expressly listed as in scope are out of scope | OTHER | Out of Scope | 17:17 |
| Added | *.socialsecurity.gov | WILDCARD | In Scope | 17:17 |
| Added | ssa cidr range 1 | CIDR | In Scope | 17:17 |
| Added | ssa cidr range 2 | CIDR | In Scope | 17:17 |
| Added | targets not expressly listed as in scope are out of scope | OTHER | Out of Scope | 17:17 |
| Added | *.ssa.gov | WILDCARD | In Scope | 17:17 |
| Added | *.segurosocial.gov | WILDCARD | In Scope | 17:17 |