Skip to content

Security Vulnerability Disclosure - Request for Contact Information #150

New issue
New issue
Open
Open
Security Vulnerability Disclosure - Request for Contact Information#150
Labels
acceptedAccepted, will be fixed in the next release (at least in experimental)
Milestone
2.25.0
@alestorm980

Description

@alestorm980
alestorm980
opened on Dec 26, 2025

Security Contact Request

Our security research team has found a potential vulnerability in your software that we would like to report through a responsible disclosure process.

We were unable to locate a dedicated security contact, security policy, or SECURITY.md file for your project. We also sent an email to support@airvpn.org, but did not receive a reply.

Additional context

  • Security vulnerability details will be shared privately once contact is established
  • Our responsible disclosure policy typically requires public disclosure after a set period without vendor response
  • To ensure this finding reaches the appropriate team members, could you please:
    • Provide a security contact email address where we can send the vulnerability details, or
    • Consider creating a SECURITY.md file in your repository with disclosure guidelines and contact information

You can reach our security research team at research@fluidattacks.com
We're trying to work with you on this and would prefer coordinated disclosure over public disclosure.

Metadata

Metadata

Assignees

No one assigned

    Labels

    acceptedAccepted, will be fixed in the next release (at least in experimental)

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions