Skip to content

Report Security Vulnerabilities in reNgine



Security Researchers, welcome onboard! I am excited to announce bug bounty program for reNgine in collaboration with, this means you'll be rewarded for any security vulnerabilities discovered in reNgine.

Thank you for your interest in reporting vulnerabilities to reNgine! If you are aware of potential security vulnerabilities within reNgine, we encourage you to report immediately via


Please do not disclose any vulnerabilities via Github Issues/Blogs/Tweets after/before reporting on as it is explicitly against and reNgine disclosure policy and will not be eligible for monetary rewards.

Please note that the maintainer of reNgine does not determine the bounty amount. The bounty reward is determined by industry-first equation from to understand the popularity, impact and value of repositories to the open source community.

Expectation from Security Researchers

  • Patience: Please note that currently I am the only maintainer in reNgine and will take sometime to validate your report. I request your patience throughout the process.
  • Respect Privacy and Security Reports: Please do not disclose any vulnerabilities in public (this also includes github issues) before or after reporting on! That is against the disclosure policy and will not be eligible for monetary rewards.
  • Respect the rules

What do Security Researchers get in return

  • Much thanks from Maintainer
  • Monetary Rewards
  • CVE ID(s)

Please find the FAQ and Responsible disclosure policy from

How do I report?

You can report the security vulnerabilities from here.