Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

mufg-vdp

HackerOneView on HackerOne

RawAI Enhanced

In Scope

Out of Scope

In-Scope Assets (2)

Asset	Category	Bounty	Quick Links
*.mufg.jp	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa
*.mufgamericas.com	WILDCARD	No	crt.sh Google Shodan SecurityTrails Wayback DNSdumpster VirusTotal AlienVault OTX GitHub Fofa

Scope Changes (6)

Feb 25, 2026

Change	Asset	Category	Scope	Time
Added	*.mufg.jp	WILDCARD	In Scope	19:21
Added	*.mufgamericas.com	WILDCARD	In Scope	19:21

Feb 22, 2026

Change	Asset	Category	Scope	Time
Added	*.mufg.jp	WILDCARD	In Scope	00:49
Added	*.mufgamericas.com	WILDCARD	In Scope	00:49

Feb 21, 2026

Change	Asset	Category	Scope	Time
Added	*.mufg.jp	WILDCARD	In Scope	19:13
Added	*.mufgamericas.com	WILDCARD	In Scope	19:13