The whole point of the bounty is to incentivize disclosure to the software/hardware maker instead of using it nefariously or selling it to someone who will. Companies can avoid being "blackmailed" by offering fair prices for bounties. If finding several high severity bugs results in a paltry bounty, there is little incentive to disclose.
