General Services Administration · Vulnerability Disclosure

General Services Administration Vulnerability Disclosure

Vulnerability disclosure

General Services Administration runs a coordinated vulnerability disclosure program on Hackerone. A machine-readable /.well-known/security.txt is served. A dedicated security contact is published.

Federal GovernmentProcurementAcquisitionOpen Data
Program: Hackerone security.txt present

Disclosure Policy

Policy

Security Contact

Contact
gsa-vulnerability-reports@gsa.gov
Contact
https://hackerone.com/gsa_vdp

Source

Vulnerability Disclosure

general-services-administration-vulnerability-disclosure.yml Raw ↑
generated: '2026-07-11'
method: searched
probe: true
source: https://gsa.gov/.well-known/security.txt
policy:
- https://gsa.gov/vulnerability-disclosure-policy
contact:
- gsa-vulnerability-reports@gsa.gov
- https://hackerone.com/gsa_vdp
evidence:
- source: https://gsa.gov/.well-known/security.txt
  kind: security.txt (live probe)