globe with a red arrow through the middle, and dark blue text saying Direct Cyber

Vulnerability disclosure policy

DirectCyber is a CNA, and can assign CVEs to vulnerabilities in scope.


Issues in third party products identified by or reported to DirectCyber, that is not already in the scope of another CNA.

Proof of concept

Please provide a proof of concept if possible for reproduction and analysis, in a way that will not damage the vulnerable target systems.


[email protected]