Coordinated Vulnerability Disclosure (CVD) is a coordinated effort that occurs prior to public disclosure of a newly discovered vulnerability. CVD provides critical time for a medical device manufacturer, vulnerability finder, and other stakeholders to develop mitigations, communication plans, and a vulnerability advisory that will be shared publicly. The Biohacking Village can provide assistance with coordinating disclosure of vulnerabilities that are discovered during during BHV events, or even help setting up a new CVD program.

 

As a Common Weakness Enumeration (CVE) Numbering Authority (CNA), the Biohacking Village (BHV) can assist with registering a CVE number that is required as part of each disclosure. During this process, the BHV will help with coordination of communication, developing the language for the advisory, and other aspects of the disclosure process. Full support is available year round and in-person disclosure assistance is available during DEF CON.

​

Coordinated vulnerability disclosures are published under our Security Advisory page and CISA website as standard procedure.