Vulnerability Disclosure

We at Snyk value the security community and believe that a responsible disclosure of security vulnerabilities in open source packages helps us ensure the security and privacy of the users. We aim to provide a disclosure program for the security community to report security issues found within languages including JavaScript, Java, Python, .NET, Go, Ruby and PHP.

Using this form, you can disclose vulnerabilities you’ve found or vulnerabilities that are missing within Snyk Vulnerability Database, and we’ll help you verify the vulnerability and contact the maintainer. In addition, as a CVE Numbering Authority (CNA) we are also able to assign a CVE for the issue.

Before submitting a report, please review our disclosure policy which can be found here.

For any questions or follow ups on the disclosure you may email us at

Submit a vuln

Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer’s toolkit.

Start freeBook a live demo

© 2024 Snyk Limited
Registered in England and Wales