Coordinated disclosure timeline for findings in LLM-based systems — from initial report through CVE assignment and public writeup.
Include: model, version, system prompt (where applicable), exact input, observed output, expected output, repro rate, scoped impact.
Model providers have security@ inboxes. Plugin/agent platform providers may use HackerOne/Bugcrowd. Some vendors don't accept LLM bug reports yet — see step 5.
Encrypted email or vendor-provided portal. Avoid public bug trackers — even gist links can leak.
Standard 90 days. Faster (30-60) if active exploitation. Slower (180+) if remediation requires retraining or a major architecture change.
Traditional CVE assignment doesn't cleanly fit prompt-layer issues. For agent/tool issues, CVE works. For pure model alignment failures, GHSA or vendor advisory is more appropriate.
After patch + grace period: technical writeup, repro, impact, remediation. Add to your CVE ledger and submit canonical URL to NVD/MITRE if applicable.