Mapbox appreciates the effort of software security researchers who work to make the Internet more secure. Our security vulnerability coordination and bug bounty program exist to reward the work of security researchers who find issues with our software and web services.
Our vulnerability coordination program offers cash rewards for researchers who find security vulnerabilities that meet certain requirements. Please read our HackerOne program page for the full details of our program. Reports should be made via our HackerOne program, but if you are unable to sign up on HackerOne, email us at firstname.lastname@example.org, though your report may not be eligible for a monetary bounty.