Home / Companies / Vercel / Blog / Post Details
Content Deep Dive

The Vercel OSS Bug Bounty program is now available

Blog post from Vercel

Post Details
Company
Date Published
Author
Andy Riancho
Word Count
533
Company Posts That Month
19
Language
English
Hacker News Points
-
Post removed?
No
Summary

Vercel has launched a public bug bounty program on HackerOne for its open-source projects, inviting security researchers to identify vulnerabilities and enhance the security of its widely-used tools, which include frameworks like Next.js and Nuxt, among others. This initiative follows a successful private bug bounty program that began in August 2025, which yielded significant security insights and improvements. By opening the program to the public, Vercel aims to build on its proactive security measures that previously paid out over $1 million to researchers, emphasizing collaboration over confrontation. The program covers all Vercel open-source projects, prioritizing those with the highest potential impact, and provides clear guidelines for participation and reporting. Researchers are encouraged to submit vulnerabilities with detailed reproduction steps via HackerOne, where Vercel's security team is committed to prompt and transparent handling of disclosures to protect the millions of applications relying on these tools.

Trends Found in this Post

No tracked trend matches for this post yet.

Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.