Submit Your Research

ZERODIUM acquires zero-day research with fully functional exploits only. We do not acquire PoCs for theoretically exploitable or non-exploitable vulnerabilities. For more information, please read our Program and FAQ sections.

To receive a pre-offer for your zero-day research, please fill out the form below.

Important: We usually reply within 1 to 2 business days. Please check your spam/junk folder in case our emails are flagged as spam.

Required details to receive a pre-offer:

Your name or nickname
Your email address
Target software name + version(s) + architecture(s) (32bit, 64bit, or both)
Target OS version(s) + architecture(s) (32bit, 64bit, or both)
Vulnerability type/class (e.g. use-after-free, race condition, etc)

Attack scenario/vector (e.g. visit a web page, open a document, etc)
Success rate of the exploit (100% or less)

Time of execution of the exploit (in seconds)

What kind of shellcode/payload is provided with the exploit (explain)

Does the exploit include process continuation (no crash after exploitation)

Is the exploit working with default installations and settings

If it does not work with default installations or settings, please explain the requirements
Is the exploit requiring any authentication or credentials (explain)
Is the exploit requiring any user interaction (explain)
Is the exploit requiring any specific user privilege (explain)
What is the obtained privilege after a successful exploitation (explain)
Any other important information, limitations, or requirements
Your nationality and country of residence (for payment purposes)
Your public PGP key (if you have one)
  [You can install and use PGP by following these instructions for Windows, Mac, or Linux]

Please enter captcha text