Report Vulnerability

Use this form to report security vulnerabilities confidentially. Your report will be encrypted in your browser before transmission using PGP encryption.

Please read our Coordinated Vulnerability Disclosure Policy before submitting a report.

Fields marked with * are required.

🔒

Your message will be encrypted with PGP before submission. Only the security team can decrypt it.

Type of Vulnerability

Please select a category *

Product Vulnerability AVERO software, hardware, apps, APIs, interfaces

Infrastructure Vulnerability Website, servers, IT systems of digital ZEIT

Not sure? Choose one option – we will forward your report internally to the right team.

Vulnerability Details

Affected Product/System *

Name and version of the affected product, component, URL, or system

CWE Category (optional)

Which Common Weakness Enumeration (CWE) category applies? Search for categories such as “Cross-site Scripting”, “SQL Injection”, etc.

Vulnerability Description *

Describe the vulnerability and its potential impact

Steps to Reproduce / Attack Scenario / Additional Information (optional)

Step-by-step instructions to reproduce the vulnerability, possible attack scenarios, and any additional relevant information

Severity Assessment (optional)

Attachments

Files (optional)

Upload screenshots, proof-of-concept files, or other supporting documents

📎

Click to upload or drag and drop files here

PNG, JPG, GIF, PDF, TXT, ZIP — max. 10 MB per file

Your PGP Public Key (optional)

Upload your public key so we can respond with encrypted communication

🔑

Click to upload your PGP public key

ASC, GPG, PUB, TXT — max. 1 MB

Contact Information

Your Name (optional)

Your Email (optional)

Required if you want to receive a response

💡 Anonymous reports are possible but can only be processed to a limited extent because follow-up questions are not possible.

By submitting this form, you agree to our Privacy Policy. Your report will be encrypted before transmission.

Report Submitted Successfully