[_8j50]

Are you kidding me? If money was my goal, 50k would be so insulting! A slightly more malicious person would brick the whole fleet as retribution.

[donmcronald]

Alternatively, document it with trusted timestamps and don't report it. Then if someone else exploits it you could parlay the media frenzy into a lot of publicity that's probably worth more than the tiny bounties many companies pay.

"Oh, we discovered that 2 years ago, but the bug bounty program didn't make it worth reporting. Want to buy a security audit?"