BITDEER

Security Vulnerability Submissions

At Bitdeer, the security of our customers' digital assets and global infrastructure is our highest priority. While we engineer our solutions for robust security, the complexity of our ecosystem means vulnerabilities may still arise. We believe a strong partnership with the security community is essential, and we invite you to help us identify and resolve these issues. We deeply value your expertise in responsible disclosure and your vital contributions to protecting our users worldwide.

Vulnerability Scope

Upon detection of a suspected vulnerability, please notify us as soon as possible. The vulnerability should be of critical or important severity, posing to be a significant threat.

circle_tick

Types of qualifying vulnerabilities

  • tick

    SQL Injection (SQLi)

  • tick

    Persistent Cross-Site Scripting (XSS)

  • tick

    Remote Code Execution (RCE)

  • tick

    Insecure Direct Object Reference (IDOR)

  • tick

    Horizontal and vertical privilege escalation

  • tick

    Authentication bypass & broken authentication

  • tick

    Business Logic Errors vulnerability with real security impact

  • tick

    Local files access and manipulation (LFI, RFI, XXE, SSRF)

  • tick

    Cross-site Request Forgery (CSRF) with real security impact

  • tick

    Exposed secrets, credentials or sensitive information on an asset under our control

circle_tick

Types of non-qualifying vulnerabilities

  • tick

    cookie flags, HTTP Strict Transport Security Header)

  • tick

    Clickjacking/UI redressing

  • tick

    Known CVEs without working PoC

  • tick

    Social engineering of staff or contractors

  • tick

    Vulnerabilities affecting outdated browsers or platforms

  • tick

    Expired certificate, best practices and other related issues for TLS/SSL certificates

  • tick

    Invalid or missing SPF (Sender Policy Framework), DKIM, DMARC records

  • tick

    Unauthenticated / Logout / Login and other low-severity Cross-Site Request Forgery (CSRF)

  • tick

    Lack of rate-limiting, brute-forcing or captcha issues

  • tick

    Other unexploitable vulnerabilities

reporting_bg

Reporting a vulnerability

By submitting a vulnerability report, you agree to our Submission Terms & Conditions.

Submit your report by email to [email protected] in the following format:

Subject: (date)_(reporter's name)_(short description)

1.Vulnerability details 2.Proof of vulnerability 3.Possible security impact 4.Steps to reproduce 5.Remediation method

Read more about our Submissions Terms & Conditions.

BITDEER

© 2026 Bitdeer. All rights reserved

Company

About usCareersNewsAnnouncementPartner with usInvestor RelationsBI DownloadMiner Materials

Product

AI CloudCloud MiningMinerbaseMiningSentryLe FreeportTechnology Roadmap

Services

Miner After-SalesMining CalculatorInstitutional ServiceHash Rate MarketData Center supportMining InsightsGlobal Mining Farm

Support

Help CenterContact usLearn
Terms & Conditions|Privacy Policy