Sub-headline: We deeply appreciate the efforts of security researchers and users who help us maintain the highest standards of security. If you’ve found a vulnerability, please report it responsibly using the form.
Download : Download our public key file here
Encrypt : Import the key into your PGP client (e.g., GPG, Kleopatra) and use it to encrypt your message and any attachments.
Send : Email the encrypted message to support@zunoy.com.
Respect Privacy & Service Integrity
Do not access, modify, or damage data beyond what is necessary to demonstrate the vulnerability. Avoid any actions that may disrupt Zunoy’s services or users.
Act in Good Faith
Your testing and reporting should be aimed at improving security—not harming systems, extracting data, or seeking personal gain.
Submit Thoughtfully
Refrain from submitting low-quality or duplicate reports. Provide clear, actionable information to help us address issues efficiently.
Note : Please avoid accessing or exfiltrating customer or personal data. If you inadvertently access such data, stop immediately, do not save a copy, and contact us. Your report should describe the type of data accessed without including the actual data itself.
Rewards & Recognition
At this time, Zunoy does not operate a formal public bug-bounty program with monetary rewards. We do, however, publicly recognize contributors (with permission) and may offer swag, early product access, or other non-monetary appreciation. If a monetary bounty program is announced in future, we’ll publish details here.
Confidentiality & Disclosure
We will treat your report with discretion. If you prefer anonymity or a private disclosure, please tell us in your report. We will coordinate any public disclosure with you and will not publish identifying information without your consent.
We are incredibly grateful to the following security researchers who have helped keep Zunoy and our users safe by responsibly disclosing vulnerabilities. Their expertise and collaboration are vital to our mission.
| Researcher Name / Handle | Date Acknowledged | Type of Vulnerability |
|---|---|---|
| Shamanth Hegde | 18 Sep 2025, 03:58 PM | Auth Bypass |
| Sanjay | 18 Sep 2025, 03:58 PM | Auth Bypass |
| Vineet | 18 Sep 2025, 03:58 PM | Auth Bypass |
* We’ll update this list as reports are validated and resolved.
Note : Inclusion in the Hall of Fame is at Zunoy’s discretion.
Only with prior coordination. Testing that risks data exposure or availability impact is not allowed without our consent.
Currently no formal monetary bounty. We can publicly credit you (if you agree) and may offer other recognition.
Please coordinate disclosure with us. We’ll agree on a timeline to ensure users are protected before public release.
We will acknowledge reports within 48 hours and provide progress updates. Resolution timelines may vary depending on severity and complexity.
Yes, you can. However, providing contact information allows us to collaborate with you more effectively, ask clarifying questions, and give you proper credit. We will never share your personal details without your explicit permission.
Whether you’re changing the world with innovation or impact, we’re here to back you.
All our products come with a lifetime free tier.
Zunoy credits gave us the push to launch faster without worrying about costs
Robert Fox
Founder, Early-stage Startup
One platform, one seamless experience. Everything you need to build, test, ship, and manage your team—with zero friction.
Copyright © 2025 - Mentcube Innovations Pvt Ltd. All Rights Reserved. v 0.6.28
CIN: U62090KA2025PTC197958
Dun & Bradstreet's DUNS Number: 772647201
Zunoy
