Particle.news

Google Launches Dedicated AI Bug Bounty With Rewards Up to $30,000

Rewards target verifiable AI security exploits rather than jailbreaks or hallucinations.

Overview

  • The new AI Vulnerability Reward Program is live and centers on high-impact flaws in flagship products such as Google Search, Gemini Apps, and core Workspace applications, with additional tiers for standard and other AI integrations.
  • Base awards top out at $20,000 for severe ‘rogue actions’ in flagship products, with quality and novelty multipliers that can lift a single payout to $30,000.
  • Category caps include up to $15,000 for sensitive data exfiltration and up to $5,000 for phishing enablement, model theft, and context manipulation, with lower amounts for access control bypass, unauthorized usage, and cross‑user DoS.
  • Google cites concrete examples of qualifying exploits, such as an indirect prompt injection that unlocks a smart lock via Google Home or one that summarizes a victim’s emails and sends them to an attacker.
  • Content-generation issues like jailbreaks, hallucinations, or hate‑speech outputs are out of scope and should be reported via in‑product feedback. Google also introduced CodeMender, an AI agent credited with 72 human‑vetted open‑source security fixes.