Report a vulnerability - Open VSX Researcher Recognition

Open VSX security researcher recognition program

Responsible disclosure for the Open VSX Registry

If you believe you have identified a security vulnerability affecting the Open VSX Registry, please report it through the form below or send email to: security@open-vsx.org. Responsible disclosure helps protect the ecosystem and enables timely remediation.

Name

Company / Organisation

Nature of the vulnerability (select all that apply)

Malware or malicious behavior Namespace impersonation / typosquatting Credential leakage (API keys, tokens, secrets) Vulnerability in Open VSX service or infrastructure Abuse or manipulation (e.g. download inflation)

Other (please specify)

Details of the Issue

Acknowledgment

I confirm that this report is submitted in good faith and to the best of my knowledge is accurate.

Optional (if you want to participate in the Open VSX Researcher Recognition program)

I would like to be acknowledged as part of the Open VSX Researcher Recognition Program

Preferred name for recognition (if different)