TLDR: It depends. People who discover bugs and security vulnerabilities and want to improve security by publishing about their findings generally have a substantial task managing competing interests in the process. Publishing your findings can help others learn from that single mistake by installing a known patch, learning what mistakes not to make when building systems, knowing what vendors to avoid or taking other measures. However publishing can also introduce risks by informing people how...
