The name you wish to be credited with for this discovery. You may use a pseudonym or leave blank for anonymity.

Your contact email address. We will use this to follow up with questions or status updates about your submission.

Select whether you discovered this vulnerability yourself, are submitting on behalf of someone else, or have another arrangement.

The supplier that makes / maintains the affected product.

Please specify the product, service, or component affected by the vulnerability. Include version numbers, platforms, or configurations if relevant.

Please list the exact software versions, builds, or environments where you confirmed the vulnerability. This helps us reproduce the issue.

Clearly describe the vulnerability, its impact, and how it can be exploited. Include step-by-step reproduction instructions and, if possible, a proof of concept.

If yes, VulnCheck will reach out to the software vendor (supplier) and coordinate disclosure for your findings. If no, you will be responsible for coordinating disclosure yourself.

Check this if you have previously contacted MITRE about this vulnerability but haven't received a response.

If yes, please provide a link to a public reference. This can be a vendor advisory, release notes, a GitHub commit, a blog post, a news article, a public exploit, a social media post, an archive.org link, etc.

Please indicate whether the vulnerability being reported was generated with the assistance of AI tools.

Please indicate whether the vulnerability being reported was validated against production code, as opposed to test or development environments.

If applicable, provide a Shodan or Fofa query that can be used to identify vulnerable instances related to this vulnerability.

We encourage researchers to publish their findings on or after the coordinated disclosure date if they would like to do so!