Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

usbr-vdp

BugcrowdView on Bugcrowd

RawAI Enhanced

In Scope

Out of Scope

In-Scope Assets (3)

Asset	Category	Bounty	Quick Links
*.usbr.gov	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
lcrmscp.gov	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
mitigationcommission.gov	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa

Scope Changes (22)

Mar 5, 2026

Change	Asset	Category	Scope	Time
Added	*.usbr.gov	URL	In Scope	22:38
Added	lcrmscp.gov	URL	In Scope	22:38
Added	mitigationcommission.gov	URL	In Scope	22:38
Added	*.usbr.gov	WILDCARD	In Scope	22:38
Added	lcrmscp.gov	URL	In Scope	22:38
Added	mitigationcommission.gov	URL	In Scope	22:38

Feb 26, 2026

Change	Asset	Category	Scope	Time
Added	mitigationcommission.gov	URL	In Scope	01:27
Added	*.usbr.gov	URL	In Scope	01:27
Added	lcrmscp.gov	URL	In Scope	01:27
Added	mitigationcommission.gov	URL	In Scope	01:27
Added	*.usbr.gov	WILDCARD	In Scope	01:27
Added	lcrmscp.gov	URL	In Scope	01:27
Program Removed	—	—	—	00:15

Feb 25, 2026

Change	Asset	Category	Scope	Time
Added	*.usbr.gov	WILDCARD	In Scope	19:20
Added	lcrmscp.gov	URL	In Scope	19:20
Added	mitigationcommission.gov	URL	In Scope	19:20
Added	*.usbr.gov	URL	In Scope	17:20
Added	lcrmscp.gov	URL	In Scope	17:20
Added	mitigationcommission.gov	URL	In Scope	17:20
Added	*.usbr.gov	WILDCARD	In Scope	17:20
Added	lcrmscp.gov	URL	In Scope	17:20
Added	mitigationcommission.gov	URL	In Scope	17:20