Mission Vector Zero

Description

Through Mission Vector Zero, we aim to identify vulnerabilities in widely used systems and software. Our focus spans the entire technology stack, from web applications to hardware with deliberate emphasis on high-impact, widely adopted targets. Every finding must meet strict, verifiable criteria for impact and adoption.

Scope (for our team)

In scope (examples):

• Web applications
• Binaries and executables
• Servers and server software
• Frameworks and operating systems
• Libraries, extensions, and packages
• Hardware and firmware
• Closed & open-source software
• Public and private bug bounty targets

Note: Inclusion in scope does not mean every category will be actively tested. These are potential target types available for selection.

Objectives

1. Identify at least one 0-day vulnerability across 30 high-value targets.
2. Each target must have a documented and verifiable user base of ≥ 250,000 users.

Vulnerability Acceptance Criteria

We will not pursue low-impact or trivial issues. Each vulnerability considered for this mission must meet the following standards:

• Must be scored using the CVSS v3 calculator, confirming a severity score of 6.0 or higher
• Alternatively, when using Bugcrowd’s Vulnerability Rating Taxonomy (VRT), only P1-P3 vulnerabilities qualify

Transparency

Unlike previous missions focused on CVE hunting, we cannot always disclose full details of the vulnerabilities identified, especially for private bug bounty or government engagements (e.g., Department of Defense).
Instead, for institutional verification, we will provide the following metadata:

• Reporter name
• Timestamp
• Report ID

Progress

Current mission progress: