If you find a security issue in Adam, we'd love to hear about it, and we'll pay for valid findings. Rewards are intentionally modest while the program is young, but every report gets a real human review and our sincere thanks.
Bounties are paid per validated report, at the severity we confirm during triage. Duplicates go to the first reporter.
What counts, and what doesn't. When in doubt, ask first at hello@adam.new.
Follow these and we will not pursue legal action for good-faith security research. That's a promise.
No account needed. Include a contact email if you'd like a bounty payout or a reply.
Your best guess is fine. We confirm severity during triage.
Only needed if you want a bounty payout or a reply. Leave it blank to report anonymously.