All public security vulnerability disclosures by stypr are published on this website.
For inquiries regarding advisories, please contact roorot+advisory@ststyprypr.com.

If a vendor patches a vulnerability before the 90-day deadline, technical details will be withheld for 30 days after the patch is released to allow users time to apply the update. Most of the responsible disclosure rules are similar or identical to Google Project Zero's disclosure policy. Specific rules may apply by mutual agreement.

This page works best in the latest versions of Chrome and Firefox.