Bounty Calculator 🤖

Paste any GitHub URL to discover how much you can earn and if your report will be eligible for a CVE.
Whilst most maintainers respond to reports, we cannot guarantee this unless the project is boosted 🚀

Boosted Projects 🚀

These projects are guaranteed to get reviewed and have boosted rewards for critical, high, medium and low severity reports.
The bounties and projects change often so you'll want to bookmark this page.

This section is in beta, tell us what you think.

Recently added (1)

View all

outline

NEW

$2000

added 6d ago

Java (58)

View all

spring-framework

$1200

junit4

$1190

slf4j

$1180

guava

$1150

okhttp

$1145

kotlin

$1135

netty

$1130

fastjson

$1105

gson

$1100

logback

$1090

httpcomponents-client

$1070

org.aspectj

$1065

HikariCP

$1065

JavaHamcrest

$1045

lombok

$1045

antlr4

$1040

commons-codec

$1030

jackson-core

$1030

neo4j

$1025

junit5

$1010

assertj-core

$995

JsonPath

$990

beanvalidation-api

$980

j2objc

$975

error-prone

$970

jetty.project

$950

reactive-streams-jvm

$945

httpcomponents-core

$945

logging-log4j2

$930

commons-lang

$920

antlr3

$885

HdrHistogram

$880

commons-io

$850

objenesis

$850

checker-framework

$835

java-annotations

$835

JSONassert

$830

commons-collections

$825

findbugs

$820

hibernate-commons-annotations

$815

commons-math

$815

LatencyUtils

$785

commons-compress

$780

json-smart-v2

$780

commons-beanutils

$775

java-classmate

$765

opentest4j

$760

commons-logging

$755

common-annotations-api

$735

apiguardian

$730

jpa-api

$730

jaxb-api

$705

jaf

$700

transactions

$695

json-smart-v1

$675

snakeyaml

$675

xerces-xml-commons

$615

java-concurrency-in-practice

$615

JavaScript (22)

View all

drawio

$2000

drawio-desktop

$2000

body-parser

$1200

yargs

$1200

express

$1200

iconv-lite

$1200

qs

$1200

grunt

$1190

url-parse

$1175

lodash

$1150

browserify

$1145

underscore

$1105

logback

$1090

mocha

$1085

guzzle

$1085

winston

$1070

lombok

$1045

whoops

$1030

parse-url

$915

logging-log4net

$825

silverstripe-cms

$820

chatwoot

$435

C# (8)

View all

Newtonsoft.Json

$1145

Dapper

$1060

antlr4

$1040

NLog

$975

serilog

$960

elasticsearch-net

$940

Core

$910

logging-log4net

$825

PHP (14)

View all

monolog

$1120

yaml

$1095

guzzle

$1085

Twig

$1050

whoops

$1030

Slim

$1030

cakephp

$1025

predis

$985

php-coveralls

$970

Pimple

$950

silverstripe-framework

$855

core

$825

silverstripe-cms

$820

core-bundle

$815

Python (14)

View all

jinja

$1095

pyyaml

$1065

click

$1065

antlr4

$1040

loguru

$1020

lxml

$1015

paramiko

$1000

pyparsing

$995

pre-commit

$990

simplejson

$960

GitPython

$930

client

$930

antlr3

$885

configparser

$875

Go (15)

View all

cli

$1065

mux

$1055

zap

$1050

gjson

$1010

zerolog

$970

go-restful

$950

go-grpc-middleware

$945

glog

$935

yaml

$935

easyjson

$930

go-git

$920

cors

$880

multierr

$855

logr

$840

nakama

$810

Apps (7)

View all

drawio

$2000

drawio-desktop

$2000

client

$930

core

$825

silverstripe-cms

$820

core-bundle

$815

nakama

$810

Apache (12)

View all

httpcomponents-client

$1070

commons-codec

$1030

httpcomponents-core

$945

logging-log4j2

$930

commons-lang

$920

commons-io

$850

logging-log4net

$825

commons-collections

$825

commons-math

$815

commons-compress

$780

commons-beanutils

$775

commons-logging

$755