Alexandre DulaunoyDec 20
Alexandre Dulaunoy

GCVE-BCP-02 Published - Version 1.3 (2025-12-09)

We’re pleased to announce the publication of GCVE-BCP-02 – Practical Guide to Vulnerability Handling and Disclosure, now available in its version 1.3.

This Best Current Practice document provides actionable guidance for organisations, researchers, and GCVE Numbering Authorities (GNAs) on managing and disclosing vulnerabilities effectively, both within the GCVE ecosystem and beyond.

πŸ”— Read it here: (HTML)

https://gcve.eu/bcp/gcve-bcp-02/

πŸ”— Read it here: (PDF)

https://gcve.eu/files/bcp/gcve-bcp-02.pdf

Thank you to everyone contributing to the improvement and adoption of vulnerability handling and disclosure practice!

@gcve
@gcve@discourse.ossbase.org
@circl
@vulnerability_lookup

GCVE-BCP-02 - Practical Guide to Vulnerability Handling and Disclosure

This guide provides actionable recommendations for GCVE GNA, software developers, open source project maintainers, vendors, and organizations to manage vulnerability reports from discovery to resolution and public disclosure.

Dec 9 at 9:12amWeb