Bug Bounty Programs

DHL Group is a global logistics company providing services in express delivery, freight transportation, supply chain management, e-commerce solutions, as well as postal and parcel services. As part of our commitment to security, we invite researchers to participate in our vulnerability disclosure program, helping us ensure protection of our systems. Join us in identifying and reporting potential vulnerabilities to maintain the highest standards of security for our customers and partners.

Revolut is a financial technology company that offers banking services. It offers accounts featuring currency exchange, debit cards, virtual cards, interest-bearing "vaults", commission-free stock trading, crypto, commodities, and other services to over 60M customers. Please visit our website for more information: www.revolut.com

Responsible Disclosure indicates ING’s continued commitment to improve its security posture. As part of this process, we work closely with security researchers to identify and report vulnerabilities they find within our systems. ING appreciates security researchers efforts in reporting vulnerabilities on its systems as long as the discovered vulnerability is in scope, detected without the use of intrusive testing techniques, and follows the disclosure guidelines below:

VULNERABILITY DISCLOSURE PROGRAM (VDP) Above all else, University Hospital Zurich is committed to the care and improvement of human life. Part of that mission is to protect our patients, people, systems, and facilities. We want encourage security researchers to feel comfortable reporting vulnerabilities they’ve discovered to us in good faith.

Thank you for visiting our program, we are happy with ethical hackers who want to look have a into our security with an objective view. Social Deal is an online platform for consumers to buy the best deals in their region. With these deals they can discover restaurants/hotels/beauty/zoo and many other retailers for the best price. Social Deal is active in Netherlands, Belgium and Germany. Our customers trust our brand. We want to be sure the data is protected to keep our brand value high.

AS National Media & Tech (NMT) is a subsidiary of Axel Springer SE, a leading international media company. We develop and operate digital products for Germany’s top news brands, reaching over 50 million users each month. At Axel Springer, we stand for free journalism and unrestricted access to information, allowing people to make free decisions. To protect this, the security of our platforms and users is our top priority. Your contributions help us keep them safe.

Ubisoft’s Responsible Disclosure Program provides a safe, public channel for anyone to report security vulnerabilities in Ubisoft-owned, internet‑facing services, official applications and video games. The purpose of this program is to partner with the security community to identify and remediate issues before they can impact our players, employees, partners, or data. We encourage good‑faith, non‑disruptive research and clear, reproducible reports that demonstrate impact with the minimum necessary evidence. Please avoid actions that could affect availability, privacy, or other users, and use test accounts whenever possible. In return, our security team commits to prompt triage, transparent communication, and appropriate recognition in line with program policies. If you believe you’ve found a vulnerability, please submit it through Intigriti so we can investigate and fix it quickly—helping keep Ubisoft’s worlds safe and enjoyable for everyone.

Welcome to Yahoo Yahoo is a global media and advertising company connecting people to their passions. With one of the largest online audiences in the world, Yahoo brings people closer to what they love — from finance and commerce, to gaming and news — with the trusted products, content, and tech that fuel their day. For partners, we provide a full-stack platform to amplify businesses and drive more meaningful connections across advertising, search, and media.

Creators of hit computer game franchises Bloons, Bloons TD and SAS: Zombie Assault for mobile and web. We have offices in Auckland, New Zealand and Dundee, Scotland. We are excited to engage with the security community to help us keep our users safe and our services secure. This is our second Bug Bounty program after a successful campaign in 2021.

Capital.com, voted ‘Most Innovative Tech 2021’ by TradingView is a multi-award winning global investment trading platform authorised and regulated by the UK’s Financial Conduct Authority, the Cyprus Securities and Exchange Commission, and the Australian Securities and Investments Commission. Recognised for its quality 24/7 customer support, seamless trading experience and competitive fees, Capital.com is a fast-emerging leader in the European leveraged trading industry.

We provide a platform for: - Businesses to sell products (like food, clothing and even electronics). - Customers to purchase such products and get them delivered by Wolt couriers. - Wolt couriers to receive and manage delivery requests. We have more than 30 million registered users and we operate in 20+ countries. Read more about us: https://wolt.com/en/about.

Welcome! WP Engine invites you to evaluate our products and platforms. WP Engine equips its customers with a suite of agility, performance, intelligence, and integration solutions, so you can build and deploy a range of online experiences from campaign sites to content hubs to e-commerce extensions. Good luck and happy hunting!

We're an independent, not-for-profit membership organisation that supports the infrastructure of the Internet through technical coordination in our service region. Our most prominent activity is to act as the Regional Internet Registry (RIR) providing global Internet resources and related services (IPv4, IPv6 and AS Number resources) to members in our service region.

At KU Leuven, we are committed to ensuring the integrity of our Housing Application Program. This program allows both new and returning students to apply for a room in KU Leuven Central Services Residences, helping them find the right accommodation. As with all our platforms, we recognize that vulnerabilities can exist, and we encourage researchers to report any security issues they may discover within this application. If you identify a vulnerability while using the application, please follow our disclosure guidelines to report it safely and responsibly. Your contributions help us maintain a secure and seamless experience for all students!

De Lijn is the Flemish public transportation company dedicated to giving their customers a comfortable and quick ride. Due the fact that we use the latest IT equipment and servers is our security ought to be at the top of our game. For this program we are putting the focus at our web clients, APIs and of course the mobile application.

We are an award-winning German startup with locations in Munich, Eindhoven and Pittsburgh. We are 100% funded by the Bosch Group. Our goal is to be the leading open platform and marketplace for smart security and safety solutions. The platform we offer is based on a camera operating system that powers cameras from various manufacturers on the market. It connects to our Application Store where leading video analytics development companies offer cutting-edge apps.

Oda.com and Mathem.se is the leading online grocery storesin Norway and Sweden.

TrueLayer is opening up finance and changing the way the world pays. Empowering businesses in every industry to create first-class financial experiences for their customers. We build on top of the Open Banking and PSD2 standards to provide APIs for our customers to use to provide financial data and payment initiation services.

Voi is europe's biggest micro-mobility operator based in Stockholm, Sweden. We manage a system of electrically powered scooters and bikes around urban centers. We provide an affordable, sustainable, and exhilarating way to commute while helping people to reduce their carbon footprint and cities to have a more sustainable transportation network. We are excited to work with and reward the community of security researchers to continuously improve our security position.

WP Engine invites you to test the WP Engine and Flywheel Digital Experience Platforms. WP Engine equips its customers with a suite of agility, performance, intelligence, and integration solutions, so you can build and deploy a range of online experiences from campaign sites to content hubs to e-commerce extensions. Good luck and happy hunting!

Doccle, founded in 2014, is a Belgian company that hosts an online platform where you can receive, pay, share and store your administration in one place. You can add several suppliers to your Doccle account in a few mouse clicks. This way, you will receive all documents in one place. You can also pay, sign or share them via Doccle. All your documents are securely stored in your digital archive. The more companies you add, the more documents you will receive.

PeopleCert is the global leader in the assessment and certification of professional and language skills, partnering with multi-national organisations and government bodies to develop and deliver market leading exams worldwide. This policy is intended to give security researchers clear guidelines for conducting vulnerability discovery activities.

Visma delivers software that simplifies and digitizes core business processes in the private and public sector. With presence across the entire Nordic region along with Benelux, Central and Eastern Europe, we are one of Europe’s leading software companies. We want to engage with responsible security researchers around the globe to further secure our services. This program is dedicated for all Visma assets (services, products, web properties).

In Nestlé we believe in the power of food to enhance quality of life for everyone, today and for generations to come. IT Security is a top priority for us, we are committed to work with security researchers across the globe to help protect our systems and our customers' data from malicious activity and to further improve cyber security across our organization.