Welcome to the Federal Judiciary Responsible Disclosure
By submitting a vulnerability to the Administrative Office of the U.S. Courts (on behalf of the Federal Judiciary) through ResponsibleDisclosure.com, you agree to the Terms of Service.
Get Started


The Federal Judiciary is committed to ensuring the security of the American public by protecting their information from unwarranted disclosure. This policy is intended to give security researchers clear guidelines for conducting vulnerability discovery activities and to convey our preferences in how to submit discovered vulnerabilities to us. This policy describes what systems and types of research are covered under this policy, how to send us vulnerability reports, and how long we ask security researchers to wait before publicly disclosing vulnerabilities. We want security researchers to feel comfortable reporting vulnerabilities they’ve discovered – as set out in this policy – so we can fix them and keep our users safe. We have developed this policy to reflect our values and uphold our sense of responsibility to security researchers who share their expertise with us in good faith.


If you make a good faith effort to comply with this policy during your security research, we will consider your research to be authorized, we will work with you to understand and resolve the issue quickly, and will not recommend or pursue legal action related to your research.


Under this policy, “research” means activities in which you:
Once you’ve established that a vulnerability exists or encounter any sensitive data (including personally identifiable information, financial information, or proprietary information or trade secrets of any party), you must stop your test, notify us immediately, and not disclose this data to anyone else.

For a full list of program scope please visit the Federal Judiciary Vulnerability Disclosure Policy .

Typical Vulnerabilities Accepted

Typical Out of Scope

For a full list of program scope please visit the Responsible Disclosure details page.

Responsible Disclosure Guidelines