Vulnerability Disclosure Program (VDP)

VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.

supabase

HackerOneView on HackerOne
RawAI Enhanced
10
In Scope
7
Out of Scope
Scope Changes (51)
Feb 25, 2026
ChangeAssetCategoryScopeTime
Added*.database.devWILDCARDIn Scope19:20
Addedhttps://github.com/supabaseURLIn Scope19:20
Addedhttps://supabase.helpURLIn Scope19:20
Addedhttps://github.com/supabase-community/supabase-mcpURLIn Scope19:20
Addedhttps://github.com/supabase-communityURLOut of Scope19:20
Addedhttps://api.supabase.com/platform/pg-meta/project_id/queryURLOut of Scope19:20
Addedhttps://ctf.supabase.comURLOut of Scope19:20
Addedhttps://supabase.storeURLIn Scope19:20
Addedhttps://supabase.linkURLIn Scope19:20
Addedhttps://supabase.productions/URLOut of Scope19:20
Addedsupabase.comURLIn Scope19:20
Addedhttps://mcp.supabase.com/mcpURLIn Scope19:20
Added*.supabase.coWILDCARDIn Scope19:20
Addeddb.*.supabase.coWILDCARDIn Scope19:20
Addedapi.supabase.comURLIn Scope19:20
Addedhttps://multiplayer.devURLIn Scope19:20
Addedhttps://supabase.dev/URLOut of Scope19:20
Feb 22, 2026
ChangeAssetCategoryScopeTime
Addedhttps://supabase.linkURLIn Scope00:48
Added*.database.devWILDCARDIn Scope00:48
Addedhttps://supabase.storeURLIn Scope00:48
Addedhttps://mcp.supabase.com/mcpURLIn Scope00:48
Addedhttps://multiplayer.devURLIn Scope00:48
Addedhttps://supabase.helpURLIn Scope00:48
Addedhttps://github.com/supabase-communityOTHEROut of Scope00:48
Addedhttps://api.supabase.com/platform/pg-meta/project_id/queryURLOut of Scope00:48
Addedhttps://supabase.productions/URLOut of Scope00:48
Addedhttps://supabase.dev/URLOut of Scope00:48
Addedapi.supabase.comURLIn Scope00:48
Addedhttps://github.com/supabaseOTHERIn Scope00:48
Addedsupabase.comURLIn Scope00:48
Addedhttps://github.com/supabase-community/supabase-mcpURLIn Scope00:48
Added*.supabase.coWILDCARDOut of Scope00:48
Addeddb.*.supabase.coWILDCARDOut of Scope00:48
Addedhttps://ctf.supabase.comURLOut of Scope00:48
Feb 21, 2026
ChangeAssetCategoryScopeTime
Addedsupabase.comURLIn Scope19:13
Addedapi.supabase.comURLIn Scope19:13
Added*.database.devWILDCARDIn Scope19:13
Addedhttps://github.com/supabaseCODEIn Scope19:13
Addedhttps://supabase.storeURLIn Scope19:13
Addedhttps://multiplayer.devURLIn Scope19:13
Addedhttps://supabase.helpURLIn Scope19:13
Addedhttps://supabase.linkURLIn Scope19:13
Addedhttps://github.com/supabase-community/supabase-mcpURLIn Scope19:13
Addedhttps://mcp.supabase.com/mcpURLIn Scope19:13
Added*.supabase.coWILDCARDOut of Scope19:13
Addedhttps://github.com/supabase-communityCODEOut of Scope19:13
Addedhttps://supabase.productions/URLOut of Scope19:13
Addedhttps://supabase.dev/URLOut of Scope19:13
Addeddb.*.supabase.coWILDCARDOut of Scope19:13
Addedhttps://api.supabase.com/platform/pg-meta/project_id/queryURLOut of Scope19:13
Addedhttps://ctf.supabase.comURLOut of Scope19:13