OpenAI formalizes policy for disclosing third-party software vulnerabilities

OpenAI has established an Outbound Coordinated Disclosure Policy to responsibly report security vulnerabilities discovered in third-party software. This policy outlines their process for validating, prioritizing, and disclosing issues found through automated analysis, manual review, and internal usage. The approach emphasizes cooperation with vendors, discreet disclosure by default, and open-ended timelines to accommodate the increasing complexity of AI-driven vulnerability discovery and patching. AI

Summary written by gemini-2.5-flash-lite from 1 source. How we write summaries →

RANK_REASON OpenAI published a policy detailing their approach to coordinated vulnerability disclosure, which is a research-adjacent activity.

Read on OpenAI News →

• safety
• policy
• model release