Checking connection...

How to report a bug or vulnerability

Last updated: 18 September 2019

Found a bug or vulnerability? Here's how you can securely report it directly to us.

Use email for non-sensitive issues or general enquiries

Just send an email to support@mullvad.net

Use encrypted email for more sensitive issues

If you've found a sensitive vulnerability and want to contact us in a secure and private manner, then send us a PGP-encrypted email to support@mullvad.net using our public key.

Don't know how to do that? Follow our guide on using encrypted email.

Bounty for bugs?

While we (currently) have no bug bounty program, we greatly appreciate the goodwill of customers who take the time to share their finds with us. Whether it's a tiny bug that you've found and helped us squash or a slightly larger, hairier, uglier vulnerability that needs special attention, all reports help us to continuously improve our service for everyone

Send via the app

If you encounter an issue while using the Mullvad VPN app, you can easily notify us directly from within the app. In the Settings menu, click on Report a problem and send your find to us. You don't need to fill in an email address, but if you want a reply from us, you will need to include one. As the form states, your app's log files are anonymized before being securely sent to us.