Security

If you have security concerns or a disclosure to make that is not one of HackerOne’s Core Ineligible Findings, you may contact the security team via [email protected]

Reports that do not include a detailed step-by-step explanation of how to replicate the issue and demonstrate relevant security impact will be closed. We will only triage reports when the root cause is under our control.

Please note that we do not offer a bug bounty programme.

Out of scope

• Raspberry Pi Direct (see Shopify Bug Bounty instead)
• Raspberry Pi Codecs Store (see BigCommerce instead)

Acknowledgements

Thanks to the following security researchers for reporting and helping resolve security vulnerabilities:

• Auragng25
• Ishwar Kumar
• Md. Akhlakur Rahman Tanvir
• Mehedi Hasan
• Nahid0x1
• Roqeeb Tajudeen
• Sameer Ahmad
• Sebin Thomas
• Sheikh Rishad
• Sidharth Bahuguna
• Spade