tencent-bug-bounty-program

YesWeHackView on YesWeHack

RawAI Enhanced

1

In Scope

6

Out of Scope

In-Scope Assets (1)

Asset	Category	Bounty	Quick Links
In-Scope Products (for the full list please visit https://en.security.tencent.com/index.php/policy)	OTHER	Yes	-

Out-of-Scope Assets (6)

Asset	Category	Bounty
*. myqcloud.com	OTHER	Yes
*.qzoneapp.com	OTHER	Yes
Notes about Tencent Cloud (cloud.tencent.com as included in .tencent.com)	OTHER	Yes
Only vulnerabilities affecting the platform itself and IP owned by Tencent will be accepted. If an IP belongs to Tencent Cloud external customer, it is not considered in scope.	OTHER	Yes
Please note that the vulnerabilities reported for the following assets will not be eligible for bounties.	OTHER	Yes
Third-party applications and websites	OTHER	Yes

Scope Changes (27)

Feb 25, 2026

Change	Asset	Category	Scope	Time
Added	*.qzoneapp.com	WILDCARD	Out of Scope	19:09
Added	*. myqcloud.com	WILDCARD	Out of Scope	19:09
Added	third-party applications and websites	OTHER	Out of Scope	19:09
Added	notes about tencent cloud (cloud.tencent.com as included in .tencent.com)	WILDCARD	Out of Scope	19:09
Added	only vulnerabilities affecting the platform itself and ip owned by tencent will be accepted. if an ip belongs to tencent cloud external customer, it is not considered in scope	OTHER	Out of Scope	19:09
Added	in-scope products (for the full list please visit https://en.security.tencent.com/index.php/policy)	OTHER	In Scope	19:09
Added	please note that the vulnerabilities reported for the following assets will not be eligible for bounties	OTHER	Out of Scope	19:09

Feb 22, 2026

Change	Asset	Category	Scope	Time
Added	please note that the vulnerabilities reported for the following assets will not be eligible for bounties	OTHER	Out of Scope	00:52
Added	*.qzoneapp.com	WILDCARD	Out of Scope	00:52
Added	*. myqcloud.com	WILDCARD	Out of Scope	00:52
Added	third-party applications and websites	OTHER	Out of Scope	00:52
Added	notes about tencent cloud (cloud.tencent.com as included in .tencent.com)	OTHER	Out of Scope	00:52
Added	only vulnerabilities affecting the platform itself and ip owned by tencent will be accepted. if an ip belongs to tencent cloud external customer, it is not considered in scope	OTHER	Out of Scope	00:52
Added	in-scope products (for the full list please visit https://en.security.tencent.com/index.php/policy)	OTHER	In Scope	00:52

Feb 21, 2026

Change	Asset	Category	Scope	Time
Removed	in-scope products (for the full list please visit https://en.security.tencent.com/index.php/policy)	OTHER	In Scope	21:40
Removed	please note that the vulnerabilities reported for the following assets will not be eligible for bounties	OTHER	Out of Scope	21:40
Removed	*.qzoneapp.com	OTHER	Out of Scope	21:40
Removed	*. myqcloud.com	OTHER	Out of Scope	21:40
Removed	third-party applications and websites	OTHER	Out of Scope	21:40
Removed	notes about tencent cloud (cloud.tencent.com as included in .tencent.com)	OTHER	Out of Scope	21:40
Removed	only vulnerabilities affecting the platform itself and ip owned by tencent will be accepted. if an ip belongs to tencent cloud external customer, it is not considered in scope	OTHER	Out of Scope	21:40
Added	please note that the vulnerabilities reported for the following assets will not be eligible for bounties	OTHER	Out of Scope	00:33
Added	*.qzoneapp.com	OTHER	Out of Scope	00:33
Added	*. myqcloud.com	OTHER	Out of Scope	00:33
Added	third-party applications and websites	OTHER	Out of Scope	00:33
Added	notes about tencent cloud (cloud.tencent.com as included in .tencent.com)	OTHER	Out of Scope	00:33
Added	only vulnerabilities affecting the platform itself and ip owned by tencent will be accepted. if an ip belongs to tencent cloud external customer, it is not considered in scope	OTHER	Out of Scope	00:33