If you've discovered a security or privacy vulnerability, please reach out to us at [email protected].
Nanoleaf actively tries to identify and reduce potential vulnerabilities during the product's entire lifetime and in this effort, we value input on actual or potential vulnerabilities as that gives us a possibility to address these issues and protect connected product.
When reporting, please consider the following:
- Use the provided PGP key to encrypt your email submissions.
- Include a detailed technical description of the concern or vulnerability.
- Provide your contact information (such as phone number, email, and name) so we can reach out if necessary.
- Attach or include any additional information, such as tools used or configurations that led to discovering the issue.
- If you've shared vulnerability information with coordinators like ICS-CERT, CERT/CC, NCSC, or others, kindly inform us and provide their tracking number, if available.
- If you've identified specific threats, assessed the risk, or witnessed exploitation, please include this information encrypted with PGP.
After submitting your report, our Technical team will evaluate your case and stay in touch with updates on its progress. We endeavour to respond to security reports within 1-2 weeks.
For further information on our product support policy, visit this page.