SDK
Web
Provide environment information
Message:
Hello MetaMask Engineering and Security Teams,
I am opening this ticket to escalate an administrative standstill regarding a critical vulnerability report submitted through your official HackerOne bug bounty program.
The report contains a fully functional Proof of Concept (PoC) demonstrating a critical impact. However, despite your program's stated Service Level Agreement (SLA) objectives, the ticket has received no substantive updates from the support team or any sorting progress for nearly a month.
Out of respect for user asset security and responsible disclosure protocols, I have maintained strict confidentiality and have not disclosed any technical details or steps for reproducing the vulnerability. However, the lack of response through the proper channels is extremely concerning.
I urge an experienced security engineer or program manager to review the critical queue pending on HackerOne immediately and provide a real-time update on the report's status on the platform.
Thank you.
MetaMask SDK Version
N/A
MetaMask Mobile app Version
N/A
What browser are you using? (if relevant)
No response
How are you deploying your application? (if relevant)
No response
Describe the Bug
Urgent: Vulnerability Report Stuck in the Sorting Queue for Over a Month (HackerOne)
Expected Behavior
Urgent: Vulnerability Report Stuck in the Sorting Queue for Over a Month (HackerOne)
Link to reproduction - Issues with a link to complete (but minimal) reproduction code will be addressed faster
No response
To Reproduce
Urgent: Vulnerability Report Stuck in the Sorting Queue for Over a Month (HackerOne)
SDK
Web
Provide environment information
Message:
Hello MetaMask Engineering and Security Teams,
I am opening this ticket to escalate an administrative standstill regarding a critical vulnerability report submitted through your official HackerOne bug bounty program.
The report contains a fully functional Proof of Concept (PoC) demonstrating a critical impact. However, despite your program's stated Service Level Agreement (SLA) objectives, the ticket has received no substantive updates from the support team or any sorting progress for nearly a month.
Out of respect for user asset security and responsible disclosure protocols, I have maintained strict confidentiality and have not disclosed any technical details or steps for reproducing the vulnerability. However, the lack of response through the proper channels is extremely concerning.
I urge an experienced security engineer or program manager to review the critical queue pending on HackerOne immediately and provide a real-time update on the report's status on the platform.
Thank you.
MetaMask SDK Version
N/A
MetaMask Mobile app Version
N/A
What browser are you using? (if relevant)
No response
How are you deploying your application? (if relevant)
No response
Describe the Bug
Urgent: Vulnerability Report Stuck in the Sorting Queue for Over a Month (HackerOne)
Expected Behavior
Urgent: Vulnerability Report Stuck in the Sorting Queue for Over a Month (HackerOne)
Link to reproduction - Issues with a link to complete (but minimal) reproduction code will be addressed faster
No response
To Reproduce
Urgent: Vulnerability Report Stuck in the Sorting Queue for Over a Month (HackerOne)