Secunia encourages all security researchers, independent or otherwise, to report their findings directly to Secunia to ensure that the research will be published as quickly and accurately as possible through Secunia.com.

Please send an email to vuln@secunia.com to send us your research.

NOTE: All vulnerability reports sent to Secunia are considered public knowledge and will result in Secunia issuing a publicly available Secunia advisory, unless clearly stated that it is a private disclosure to the Secunia advisory team and that you want Secunia to help coordinate disclosure with the vendor.

Information in your report should include:

  • Affected operating system/software, including full version details
  • How the vulnerability can be reproduced
  • What impact the vulnerability has on the vulnerable system
  • Any additional details that might help in the verification process

Coordinating your vulnerability disclosure with Secunia

Secunia believes that security information should be publicly available and easily accessible for everybody. Based on this value, Secunia publishes all Secunia advisories to the Secunia.com web site.

Due to this, many people rely on Secunia advisories for verification, assessment, and further information to ensure that they act on the most accurate information possible.

By coordinating your disclosure with Secunia you benefit in the following ways:

  • Verification of your research before disclosure
  • Inclusion of Secunia references in your research papers
  • Ensuring that people can trust the information released by you
  • Helping people to verify your findings
  • Your research is available on the most respected site with all relevant details