Vulnerability Disclosure Program (VDP)
VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.
central-security-project
3
In Scope
0
Out of Scope
In-Scope Assets (3)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| Java Component in search.maven.org | CODE | No | - | |
| Java component NOT in search.maven.org | CODE | No | - | |
| Suspected Java Component | BINARY | No | - |
Scope Changes (9)
Feb 25, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | java component in search.maven.org | CODE | In Scope | 19:11 |
| Added | suspected java component | CODE | In Scope | 19:11 |
| Added | java component not in search.maven.org | CODE | In Scope | 19:11 |
Feb 22, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | java component in search.maven.org | CODE | In Scope | 00:42 |
| Added | suspected java component | BINARY | In Scope | 00:42 |
| Added | java component not in search.maven.org | CODE | In Scope | 00:42 |
Feb 21, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | java component in search.maven.org | CODE | In Scope | 19:12 |
| Added | suspected java component | BINARY | In Scope | 19:12 |
| Added | java component not in search.maven.org | CODE | In Scope | 19:12 |