top of page

1.REPORT <<<<startReport-------------------------!!

           Found a security

Great work, time to report it! Here you'll find three types of reports. Choose the one that best fits your finding, we’ll review it and get back to you as soon as possible.

"Screenshot of HackIntel vulnerability reporting form

2.REPORT <---!--view Reports--------------------------------->>>

The three report types

Google Bug Hunters supports reporting security vulnerabilities across a range of Google products and services. We have three reports to choose from to accurately report your findings.

3. <---!--Reports--------------------------------->>>

Report a security
vulnerability in a Google-
owned product

This is the place to report security vulnerabilities found in any Google-owned or Alphabet (Bet) subsidiary web service that handles reasonably sensitive user data. This includes Android, Chrome, and open source software released by Google. Please review the Rules before you begin to ensure the issue you’re reporting is eligible:

        Report here if you:

  •  Found a security vulnerability in a  Google product online.

  •  Verified that this security     vulnerability does not only affect you.

  • Have all the technical details of your finding.

4. <---!--Reports--------------------------------->>>


Report a Google Play bug

Google Play Security Reward Program (GPSRP) identifies and mitigates vulnerabilities in apps on Google Play, and keeps Android users, developers and the Google Play ecosystem safe.

Report here if:

  • You've found a vulnerability or security risk in an Android app found in the Google Play store

  • You have all the technical details of your find

  • You have a solution proposal that fixes your find

Report Play data abuse

The Developer Data Protection Reward Program (DDPRP) is a bounty program for finding and reducing data abuse in Android applications, Chrome extensions, and applications that use the Google API.

Report here if:

  • You've found a data abuse issue in an Android application, Google Chrome extension or any application that utilizes a Google API

  • You have all the technical details of your find

  • You have a solution proposal that fixes your find

5. <---!--Reports--------------------------------->>>


Public reports

Learn from the reports already submitted by the community.

Step-by-step guide to responsible security flaw disclosure."
bottom of page