Skip to content
Official document
ID: LEG-SEC-DISC-2026-V1

Security Disclosure

Classification
Public
Last updated
2026-01-10
Scope
Website and services
Document body

1.0 Security Contact

Vulnerability reports should be sent to security@sovrint.com. Do not submit sensitive vulnerability details through public channels.

2.0 Disclosure Policy

SEC_01

Coordinated disclosure

SOVRINT encourages good-faith security researchers to report vulnerabilities through a coordinated disclosure process and to provide reasonable time for remediation before public disclosure.

SEC_02

Safe harbor

Good-faith research that avoids privacy harm, service disruption, data destruction, and social engineering will be treated as authorized security research under this policy.

SEC_03

Reporting protocol

Reports should include steps to reproduce, potential impact, affected systems, proof-of-concept material when safe, and relevant screenshots or logs.

3.0 PGP Fingerprint

Use the current security contact channel to request the latest PGP public key before sending restricted exploit material.

FINGERPRINT: 8A92 F0C1 2D4E 5F6A 7B8C 9D0E 1F2A 3B4C KEY STATUS: Request current public key before transmitting restricted material.

4.0 Bounty Status

SOVRINT does not currently operate a public bug bounty program. Verified critical vulnerabilities may still receive recognition or coordinated remediation support at SOVRINT's discretion.