Vulnerability Disclosure Programs (VDPs) are structured ways for companies to accept reports of security vulnerabilities from researchers. Kudos points were mistakenly used as a way to get invited to private programs, leading to duplicate abuses and confusion among researchers. To clarify the purpose of VDPs, Bugcrowd will be eliminating points from them starting June 1st, aiming to provide a safe and low-noise approach for researchers who want to report vulnerabilities to companies. Researchers should participate in VDPs if they want to protect users by identifying security vulnerabilities, or if they believe a public disclosure is possible. Making high-priority submissions on Bugcrowd will increase chances of receiving private program invitations.