Skip to content
BUGFYXEEngineering company
WorkCapabilitiesHow we workContact

Legal / security

Find a flaw? Report it cleanly.

A direct, bounded process for good-faith vulnerability reports affecting the public Bugfyxe website.

Effective July 14, 2026Operator / BugfyxeCalifornia

On this page

Report a vulnerabilityWhat to includeResponsible testing rulesScopeResponse and safe harborSensitive or urgent reports

1. Report a vulnerability

Email arins@bugfyxe.com with “Security disclosure” in the subject. Do not send exploit code, credentials, or sensitive data until a safer exchange method is agreed.

2. What to include

  • Affected URL or component.
  • A clear description of the suspected issue and impact.
  • Minimal, non-destructive reproduction steps.
  • Date and time observed, browser, and relevant request details.
  • How you would like to be credited, if at all.

3. Responsible testing rules

Act in good faith. Do not access, alter, retain, or disclose other people’s information; disrupt service; perform denial-of-service testing; use social engineering; test physical facilities; scan third-party services; or demand payment. Stop testing and report immediately if you encounter sensitive data.

4. Scope

This process covers the public Bugfyxe website and assets directly controlled by Bugfyxe. Netlify, email providers, DCyber Group, DCyberWear, and other linked destinations are third-party systems and must be reported through their own programs.

5. Response and safe harbor

We will make a reasonable effort to acknowledge credible reports, investigate, and communicate material remediation progress. No specific response time, bounty, payment, or public credit is promised unless agreed in writing.

Bugfyxe will not initiate legal action solely for accidental, good-faith research that follows these rules, avoids privacy harm and service disruption, and is reported promptly. This statement does not authorize conduct that violates law or third-party rights.

6. Sensitive or urgent reports

For an actively exploitable issue, state “URGENT” in the email subject and provide a concise impact summary without attaching live secrets or personal information.

LegalPrivacyTermsCookies & storagePrivacy choicesAccessibilitySecurityThird-party notices
© BugfyxeCalifornia · Working globally