Hall of Fame

We thank the following researchers for responsibly disclosing security issues in our products. Listing is opt-in; researchers may request anonymity, a handle, or omission from this page.

No entries yet. This page will populate as advisories are published. To appear here, indicate consent in your initial report or any time before the public advisory is finalised.

How to be credited

Email security@blueberry.bg with:

• A vulnerability report following our CVD policy
• Your preferred name or handle for credit
• Optional: a public profile link (Twitter, Mastodon, GitHub, personal site)

We credit researchers who:

• Followed responsible disclosure
• Did not cause harm to users or services during testing
• Allowed us coordinated time to fix before public disclosure

Bug bounty

We do not currently run a paid bug-bounty program. We may introduce one in 2027. Until then, recognition on this page is what we can offer.