We would like to ask you to report any vulnerabilities in software, websites, and computer programs by submitting a CVD report. A CVD report is a notification of a vulnerability that can be exploited by malicious actors, and it is important that such reports are submitted as soon as possible. Here you can read our policy.
When you submit a CVD report, our team of experts will investigate it promptly. We will map out the vulnerability and do everything in our power to fix it as quickly as possible. We take every CVD report seriously and make sure to address the vulnerability promptly.
We want to emphasize that submitting a CVD report does not mean you have to fix the vulnerability yourself or address any security issues. It is enough to inform us about the vulnerability so that our team can start working on a solution.
We understand that submitting a CVD report is not always easy and some people may hesitate to do so. Therefore, we want to assure you that we always treat your report confidentially and protect your privacy. Additionally, CVD reports contribute to the safety of everyone who uses the software, website, or computer program to which the vulnerability applies. For our privacypolicy you can go to this page (dutch).
We value the efforts of security researchers. For serious and verifiable vulnerabilities, we may grant a reward (bug bounty). The amount depends on the impact and quality of the report. Only after assessing the report will we decide whether a reward will be granted and in what form.
Finally, we would like to thank you for your cooperation and emphasize that your CVD report contributes to a safer online environment for all of us.