Great news! Arm’s bug bounty program is now public! Anyone can now report security vulnerabilities they discover in Arm GPU Software & Firmware and help us make our technology even more secure. If you’re a researcher or just someone who stumbled across a bug, check it out and get involved—we’d love your help!

We are delighted to be working with Intigriti to launch Arm's first bug bounty program - this is a big milestone for Arm and we are excited to welcome ethical hackers on this journey.

The current targets for this program are the most recent versions of the Mali GPU drivers and firmware - this is only be the beginning, as we intend bring more of Arm's technology into scope in the future, so keep your eyes open if you have bounty-hunting skills relevant to other technologies.

Please see the program for details for information about what exactly is in scope and the types of security vulnerability that are eligible for bounty payments.

Thanks in advance for your participation - we are excited to see what the program delivers and the security improvements that will make Arm GPU's safer!

The Arm team is available to chat on Discord (arm-general) and we're happy to help answer any questions there!

Happy hunting!