Hi You can either
- create a Gitlab issue at https://gitlab.com/gnuwget/wget/-/work_items (set to confidential at the bottom) - open a private issue at https://savannah.gnu.org/bugs/?group=wget&func=additem (don't forget to set Privacy: private) - send details to [email protected] and [email protected], encryption is not needed Emails can easily get lost in daily madness. Creating an issue is IMO the better choice. Regards, Tim On 6/18/26 2:05 PM, CERT Polska via RT via Primary discussion list for GNU Wget wrote: > Dear GNU wget Team, > > as CERT.PL CNA (CVE Numbering Authority) we have been requested to assign CVEs > for a vulnerabilities found in GNU wget software. > > To which email address should we send the details of the reported > vulnerability? Should we encrypt the message using your public key, or is > encryption not necessary? > > In case of no answer from your side we will publish CVE entries according to > information provided by the finder. > > Best regards > CERT.PL/en > https://cert.pl/en/cvd/ >
