Please report any vulnerabilities you discover that are not yet publicly known, if they are:

  • high-impact vulnerabilities that may affect many users, critical national infrastructure or physical safety and could occur in software components, protocols or hardware
  • vulnerabilities in websites or systems for big business or government entities.

Coordinating the disclosure of vulnerabilities can minimise the potential harm caused by those vulnerabilities being exploited.

This disclosure will give vendors and developers more time to mitigate the vulnerabilities and enable affected systems of national interest to reduce their exposure. 

The Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) has developed a secure process to enable reporting of a vulnerability.

Fill in your contact details below and a member of the ASD’s ACSC will contact you to proceed with the process and provide information about the secure email certificate.

Contact details

By submitting this form you acknowledge that you are not reporting a cybercrime.
To report a cybercrime please use the Report a Cybercrime form.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Was this information helpful?

Thanks for your feedback!


Tell us why this information was helpful and we’ll work on making more pages like it