How do we report security issues ?

I want to report an improvement which is likely a security issue (though I might be wrong), therefore I want to report it in private.

Is NextDNS on HackerOne (doesn't appear to be, unless private), or on BugCrowD (doesn't appear to be, unless private), or maybe even using the new Github Security Policy thing (https://github.com/nextdns/nextdns/security/policy ) (doesn't seem to be yet, it's a new feature though) ? and https://nextdns.io/.well-known/security.txt is error 200 right now. Whois doesn't tell me anything either: https://who.is/whois/nextdns.io

Where do people report security vulnerabilities or issues ?


Reply Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
Like1 Follow
  • 2 wk agoLast active
  • 44Views
  • 2 Following