Vulnerability Disclosure Program (VDP)
VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.
rails
1
In Scope
1
Out of Scope
In-Scope Assets (1)
| Asset | Category | Bounty | Quick Links | |
|---|---|---|---|---|
| https://github.com/rails/rails | CODE | No | - |
Out-of-Scope Assets (1)
| Asset | Category | Bounty | |
|---|---|---|---|
| *.rubyonrails.org | WILDCARD | No |
Scope Changes (11)
Apr 1, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Removed | https://github.com/rails/rails | CODE | In Scope | 21:21 |
Mar 26, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | https://github.com/rails/rails | CODE | In Scope | 17:21 |
| Added | https://github.com/rails/rails | CODE | In Scope | 17:21 |
| Added | *.rubyonrails.org | WILDCARD | Out of Scope | 17:21 |
| Added | *.rubyonrails.org | WILDCARD | Out of Scope | 17:21 |
| Program Removed | — | — | — | 16:08 |
Feb 25, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | *.rubyonrails.org | WILDCARD | Out of Scope | 19:08 |
| Added | https://github.com/rails/rails | CODE | In Scope | 19:08 |
Feb 22, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | https://github.com/rails/rails | CODE | In Scope | 00:39 |
| Added | *.rubyonrails.org | WILDCARD | Out of Scope | 00:39 |
Feb 21, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Removed | https://github.com/rails/rails | CODE | In Scope | 21:38 |