INFO: If the website you are visiting breaks any laws or moral rules, please report it to us at admin[@] ASAP.

Welcome to!

Coordinated Vulnerability Disclosure done right

Three significant barriers exist to a researcher's participation in a vulnerability disclosure process:

  • Legal uncertainty: will I get sued if I report a vulnerability to an organisation?
  • Lack of appropriate existing means for disclosing a vulnerability: this is what aims to address.
  • Insufficient or excessively slow communication with the system manager or coordinator: with, a CERT is the recipient and undertakes to inform and, if necessary, further coordinate the vulnerability correction process.

It is thus essential the legal security necessary to security researchers involved in the discovery of vulnerabilities. As such, it is crucial to put appropriate disclosure processes in place through supplementary advice and better practices. A long-time partner of the security research community, YesWeHack addresses barriers to coordinated vulnerability disclosure through This non-profit, non-partisan platform provides the technical means and environment for researchers to report securely and for organisations to receive in all confidentiality. Please read our FAQ for further details.

Ready to submit? Scroll on.

If you prefer to conceal technically revealing details about yourself,
use the Tor browser and the instance.


The icon indicates which parts of the report will be encrypted inside your browser.