NC4 Logo

Complete Vulnerability Notification Form

Detailed coordinated vulnerability disclosure submission aligned to legal, technical, and operational reporting requirements.

Back to CVD guidance

[A] Reporter information


[B] Vulnerability identification


[C] Technical and impact details

Impact summary *

Formatting help: start with affected users/services, expected business impact, and severity rationale.

Steps to reproduce *

Formatting help: use numbered steps, include prerequisites, then expected vs actual result.

Proof of concept / indicators

Formatting help: include harmless PoC snippets, logs, hashes, and indicators of compromise.

Suggested remediation

Formatting help: prioritize immediate containment, medium-term fixes, and verification checks.

Accepted: images, PDF, Office documents, logs, JSON, ZIP archives.


[D] Disclosure and legal declarations

[E] NC4 CVD confidentiality undertaking

By submitting this report, you acknowledge that vulnerability details, evidence files, exploit steps, affected assets, and any related sensitive information are confidential. You agree not to publicly disclose, forward, publish, or otherwise share the submitted details before NC4 coordination or written authorization, and you agree to provide only information necessary for lawful verification and remediation.

Acceptance is recorded with submission metadata for audit and coordinated handling.