Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

openai

BugcrowdView on Bugcrowd

RawAI Enhanced

In Scope

Out of Scope

In-Scope Assets (11)

Asset	Category	Bounty	Quick Links
*.openai.com	OTHER	No	-
OpenAI API Keys	URL	No	-
Other	OTHER	No	-
Third Party Targets	URL	No	-
https://*.openai.org	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://api.openai.com	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://apps.apple.com/us/app/sora-by-openai/id6744034028	IOS	No	-
https://chat.openai.com	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://openai.com/	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://platform.openai.com/playground	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal
https://sora.chatgpt.com	URL	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal