Under the principle of Coordinated Vulnerability Disclosure (CVD), researchers disclose newly discovered vulnerabilities or content-related issues in hardware, software, or services directly to the vendors of the affected product; to a national CERT or other coordinator who will report to the vendor privately; or to a private service that will likewise report to the vendor privately. The researcher gives the vendor the opportunity to diagnose the issue and provides fully tested updates, worka...
