The compensation for bug bounty hunters can vary significantly based on several factors, including the complexity of the vulnerabilities they identify and the policies of the companies offering the bounties. As of June 26, 2025, the average hourly pay for a bug bounty hunter in the United States is approximately $20.98. However, this figure can be misleading, as many bug bounty programs offer rewards that can range from a few hundred to several thousand dollars for a single reported vulnerability, depending on its severity and impact. Additionally, experienced security researchers with a proven track record can command much higher payouts, sometimes exceeding $10,000 for critical vulnerabilities. Therefore, while the average hourly rate may seem modest, the potential for substantial earnings exists, particularly for those who are skilled and dedicated in their pursuit of identifying security flaws.