From bbdfb473de82909aad181cd3725f29717ad06eb0 Mon Sep 17 00:00:00 2001
From: Liss-Bot <alicia-gh-bot@mail.as93.net>
Date: Fri, 8 May 2026 04:01:26 +0000
Subject: [PATCH] Add program: Bambu Lab

Co-Authored-By: Aditya Saxena <adityaax@users.noreply.github.com>
---
 independent-programs.yml | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/independent-programs.yml b/independent-programs.yml
index a117336..4f6fb85 100644
--- a/independent-programs.yml
+++ b/independent-programs.yml
@@ -49,6 +49,37 @@ companies:
   response_sla_days: 2
   hall_of_fame_url: https://axispay.tech/legal/disclosure#hall-of-fame
 
+- company: Bambu Lab
+  url: https://bambulab.com/en/bug-bounty-program
+  contact: mailto:security@bambulab.com
+  rewards:
+  - '*bounty'
+  program_type: bounty
+  status: active
+  description: |-
+    Through our Bug Bounty Program, we collaborate with the security community to identify vulnerabilities early and strengthen the safety and reliability of our systems. Please refer to the detailed testing scope and reward rules below.
+    Link - https://bambulab.com/en/bug-bounty-program#scopeAndBounty
+  excluded_methods:
+  - dos
+  - social_engineering
+  - phishing
+  - physical_access
+  scope:
+  - target: '*.bambulab.com and makerworld.com'
+    type: web
+  - target: Bambu Handy, Bambu Studio, Bambu Suite and Bambu Connect
+    type: PC & App
+  - target: X-series, P-series, A-series, and H-series firmware
+    type: Device
+  out_of_scope:
+  - srm.bambulab.com
+  - prm.bambulab.com
+  domains:
+  - '*.bambulab.com'
+  - makerworld.com
+  response_sla_days: 10
+  reporting_url: https://bambulab.com/en/bug-bounty-program/reports/create
+
 - company: BSI Germany
   url: https://www.bsi.bund.de/EN/IT-Sicherheitsvorfall/IT-Schwachstellen/it-schwachstellen_node.html
   contact: mailto:vulnerability@bsi.bund.de