The Very Group - Website Vulnerability Disclosure Program​

Website Vulnerability Disclosures

The Very Group values the work performed by Security Researchers. We are committed to ensuring that we adhere to the highest security standards and will ensure any disclosed vulnerabilities are properly reviewed and investigated. The Very Group will make every effort to resolve any confirmed vulnerabilities as soon as possible.​

Please ensure you disclose any potential vulnerabilities within 7 days (168 hours).​

If you have found a possible vulnerability on our website, please send all relevant details over to the following email address:​

Please ensure you include the following in your email: (If applicable)​

  • URL
  • CVE ID
  • Exploit code
  • Account Details
  • Details of exploit, including steps carried out
  • Proof of Concept (PoC)
  • How you wish to be contacted

Please do not include any attachments to your email. 

Please be aware...

Although the Very Group thanks you for disclosing vulnerabilities to us and helping us to improve the security of our platform(s), we do not offer a financial reward but would consider providing a letter of acknowledgement or a reference.​

Thank you!

Thank you for your vulnerability disclosure and taking the time to provide us with the vulnerability details. We appreciate your findings and if valid, we will do our best to resolve the issue as soon as possible.​