Vulnerability Disclosure Program (VDP)
VDPs are meant for responsibly reporting vulnerabilities you encounter — not for actively hunting for fame or reputation. Even if you're just starting out, consider focusing on rewarded bug bounty programs instead.
digital-flanders-vulnerability-disclosure-program
6
In Scope
10
Out of Scope
In-Scope Assets (6)
Out-of-Scope Assets (10)
| Asset | Category | Bounty | |
|---|---|---|---|
| - opibus*.onderwijs*.vlaanderen.be | OTHER | No | |
| Newly onboarded systems may have a blackout window (up to six months). | OTHER | No | |
| Third-party/vendor-operated services (DV cannot authorize testing on systems not owned or operated by us). | OTHER | No | |
| bibis*.vlaanderen.be | OTHER | No | |
| cdn.vlaanderen.be | OTHER | No | |
| codex.opendata.api.vlaanderen.be | OTHER | No | |
| ets*.omgeving.vlaanderen.be | OTHER | No | |
| https://www.vlaanderen.be/aanmelden/help/mail.html (and ?*) | OTHER | No | |
| https://www.vlaanderen.be/vlaamse-overheid/contact/stuur-een-e-mail | OTHER | No | |
| natura2000.vlaanderen.be | OTHER | No |
Scope Changes (32)
Feb 25, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | https://www.vlaanderen.be/vlaamse-overheid/contact/stuur-een-e-mail | URL | Out of Scope | 19:08 |
| Added | *.vlaanderen.be | WILDCARD | In Scope | 19:08 |
| Added | https://beta.widgets.burgerprofiel.dev-vlaanderen.be/ | URL | In Scope | 19:08 |
| Added | bibis*.vlaanderen.be | WILDCARD | Out of Scope | 19:08 |
| Added | https://beta.gastwebsite.burgerprofiel.ext-vlaanderen.be | URL | In Scope | 19:08 |
| Added | newly onboarded systems may have a blackout window (up to six months) | OTHER | Out of Scope | 19:08 |
| Added | cdn.vlaanderen.be | URL | Out of Scope | 19:08 |
| Added | - opibus*.onderwijs*.vlaanderen.be | WILDCARD | Out of Scope | 19:08 |
| Added | https://burgerprofiel.beta-vlaanderen.be | URL | In Scope | 19:08 |
| Added | https://vo-gebruikersbeheer.vlaanderen.be | URL | In Scope | 19:08 |
| Added | third-party/vendor-operated services (dv cannot authorize testing on systems not owned or operated by us) | OTHER | Out of Scope | 19:08 |
| Added | codex.opendata.api.vlaanderen.be | URL | Out of Scope | 19:08 |
| Added | ets*.omgeving.vlaanderen.be | WILDCARD | Out of Scope | 19:08 |
| Added | natura2000.vlaanderen.be | URL | Out of Scope | 19:08 |
| Added | https://beta.gastwebsite-acm.burgerprofiel.ext-vlaanderen.be | URL | In Scope | 19:08 |
| Added | https://www.vlaanderen.be/aanmelden/help/mail.html%20%28and%20?*) | URL | Out of Scope | 19:08 |
Feb 22, 2026
| Change | Asset | Category | Scope | Time |
|---|---|---|---|---|
| Added | https://beta.gastwebsite.burgerprofiel.ext-vlaanderen.be | URL | In Scope | 00:51 |
| Added | https://vo-gebruikersbeheer.vlaanderen.be | URL | In Scope | 00:51 |
| Added | third-party/vendor-operated services (dv cannot authorize testing on systems not owned or operated by us) | OTHER | Out of Scope | 00:51 |
| Added | cdn.vlaanderen.be | OTHER | Out of Scope | 00:51 |
| Added | https://beta.widgets.burgerprofiel.dev-vlaanderen.be/ | URL | In Scope | 00:51 |
| Added | newly onboarded systems may have a blackout window (up to six months) | OTHER | Out of Scope | 00:51 |
| Added | bibis*.vlaanderen.be | WILDCARD | Out of Scope | 00:51 |
| Added | - opibus*.onderwijs*.vlaanderen.be | WILDCARD | Out of Scope | 00:51 |
| Added | *.vlaanderen.be | WILDCARD | In Scope | 00:51 |
| Added | https://www.vlaanderen.be/aanmelden/help/mail.html%20%28and%20?*) | URL | Out of Scope | 00:51 |
| Added | https://www.vlaanderen.be/vlaamse-overheid/contact/stuur-een-e-mail | URL | Out of Scope | 00:51 |
| Added | natura2000.vlaanderen.be | OTHER | Out of Scope | 00:51 |
| Added | https://beta.gastwebsite-acm.burgerprofiel.ext-vlaanderen.be | URL | In Scope | 00:51 |
| Added | https://burgerprofiel.beta-vlaanderen.be | URL | In Scope | 00:51 |
| Added | codex.opendata.api.vlaanderen.be | OTHER | Out of Scope | 00:51 |
| Added | ets*.omgeving.vlaanderen.be | WILDCARD | Out of Scope | 00:51 |