LINK: ESTABLISHED
BOOTING PERSONAL TERMINAL...    LOADING USER PROFILE...    APPLYING CRT FILTERS...    PRESS [NAV] TO SWITCH SECTIONS    //    ALL DATA REMAINS LOCAL.  
MODE: DESKTOP

UNLISTED ROUTE // NOT INDEXED

Segment 21

SECURITY Bug Bounty

?
Terminal notice
This system is maintained under a 'dead corporate' operational model: minimal surface, maximum traceability. If you find something that could compromise integrity or privacy, report it. We will respond.
> Report via email OPEN
NODE: PRIVATE / LOCAL
POLICY: RESPONSIBLE DISCLOSURE
CONTACT: wieerwill@protonmail.com

Scope

Report vulnerabilities affecting this website, its client-side logic, content delivery, or configuration. Issues that can lead to data exposure, account/session compromise, code execution, or privilege escalation are in scope.

Out of scope
Do not run destructive tests. Do not attempt credential stuffing, service disruption, or automated scanning that impacts availability. If in doubt: ask first.

How to report

Send a single email containing the following dossier:

  • Vulnerability type (e.g. XSS, CSRF, misconfiguration)
  • Exact affected URL(s) / page(s)
  • Steps to reproduce (minimal + deterministic)
  • Expected vs. actual behavior
  • Impact assessment (what can be gained, leaked, modified)
  • Proof-of-concept (screenshots/video OK; keep it non-destructive)
> OPEN REPORT CHANNEL MAIL

Rewards

Verified, actionable submissions may receive a small reward (typically gift cards). The amount depends on severity, exploitability, and clarity of the report.

*
Operational note
This is a private node. Rewards are discretionary and depend on practicality of remediation. High-quality reports get priority.

Responsible disclosure

Please allow reasonable time for triage and remediation before public disclosure. Coordinated disclosure keeps users safe while the fix is deployed.

!
Do not publish active exploits
Publishing exploit details before a fix is deployed can endanger users. If you’re unsure, contact us first and we’ll coordinate disclosure.
> Coordinate disclosure OPEN

Roadmap of confirmed issues

Only non-sensitive items are listed publicly. Security-critical issues are disclosed after remediation.

FIXED Open CSP sources enabled harmful remote script vectors
FIXED Mobile UI glitch on device rotation
FIXED Wiki navigation regression when traversing history
OPEN “process not defined” error on Project Meme / Orly
OPEN Talk pages cut off by screen — adaptive sizing needed