---
_id: '62738'
abstract:
- lang: eng
  text: 'Vulnerability disclosures are necessary to improve the security of our digital
    ecosystem. However, they can also be challenging for researchers: it may be hard
    to find out who the affected parties even are, or how to contact them. Researchers
    may be ignored or face adversity when disclosing vulnerabilities. We investigate
    researchers'' experiences with vulnerability disclosures, extract best practices,
    and make recommendations for researchers, institutions that employ them, industry,
    and regulators to enable effective vulnerability disclosures.'
author:
- first_name: Harshini
  full_name: Sri Ramulu, Harshini
  id: '99000'
  last_name: Sri Ramulu
  orcid: 0000-0002-0000-5843
- first_name: Anna Lena
  full_name: Rotthaler, Anna Lena
  id: '97843'
  last_name: Rotthaler
- first_name: Jost
  full_name: Rossel, Jost
  id: '58331'
  last_name: Rossel
  orcid: 0000-0002-3182-4059
- first_name: Rachel
  full_name: Gonzalez Rodriguez, Rachel
  last_name: Gonzalez Rodriguez
- first_name: Dominik
  full_name: Wermke, Dominik
  last_name: Wermke
- first_name: Sascha
  full_name: Fahl, Sascha
  last_name: Fahl
- first_name: Tadayoshi
  full_name: Kohno, Tadayoshi
  last_name: Kohno
- first_name: Juraj
  full_name: Somorovsky, Juraj
  id: '83504'
  last_name: Somorovsky
  orcid: 0000-0002-3593-7720
- first_name: Yasemin
  full_name: Acar, Yasemin
  id: '94636'
  last_name: Acar
citation:
  ama: 'Sri Ramulu H, Rotthaler AL, Rossel J, et al. Poster: Computer Security Researchers’
    Experiences with Vulnerability Disclosures. In: <i>Proceedings of the 2025 ACM
    SIGSAC Conference on Computer and Communications Security</i>. ACM; 2025. doi:<a
    href="https://doi.org/10.1145/3719027.3760723">10.1145/3719027.3760723</a>'
  apa: 'Sri Ramulu, H., Rotthaler, A. L., Rossel, J., Gonzalez Rodriguez, R., Wermke,
    D., Fahl, S., Kohno, T., Somorovsky, J., &#38; Acar, Y. (2025). Poster: Computer
    Security Researchers’ Experiences with Vulnerability Disclosures. <i>Proceedings
    of the 2025 ACM SIGSAC Conference on Computer and Communications Security</i>.
    <a href="https://doi.org/10.1145/3719027.3760723">https://doi.org/10.1145/3719027.3760723</a>'
  bibtex: '@inproceedings{Sri Ramulu_Rotthaler_Rossel_Gonzalez Rodriguez_Wermke_Fahl_Kohno_Somorovsky_Acar_2025,
    title={Poster: Computer Security Researchers’ Experiences with Vulnerability Disclosures},
    DOI={<a href="https://doi.org/10.1145/3719027.3760723">10.1145/3719027.3760723</a>},
    booktitle={Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications
    Security}, publisher={ACM}, author={Sri Ramulu, Harshini and Rotthaler, Anna Lena
    and Rossel, Jost and Gonzalez Rodriguez, Rachel and Wermke, Dominik and Fahl,
    Sascha and Kohno, Tadayoshi and Somorovsky, Juraj and Acar, Yasemin}, year={2025}
    }'
  chicago: 'Sri Ramulu, Harshini, Anna Lena Rotthaler, Jost Rossel, Rachel Gonzalez
    Rodriguez, Dominik Wermke, Sascha Fahl, Tadayoshi Kohno, Juraj Somorovsky, and
    Yasemin Acar. “Poster: Computer Security Researchers’ Experiences with Vulnerability
    Disclosures.” In <i>Proceedings of the 2025 ACM SIGSAC Conference on Computer
    and Communications Security</i>. ACM, 2025. <a href="https://doi.org/10.1145/3719027.3760723">https://doi.org/10.1145/3719027.3760723</a>.'
  ieee: 'H. Sri Ramulu <i>et al.</i>, “Poster: Computer Security Researchers’ Experiences
    with Vulnerability Disclosures,” 2025, doi: <a href="https://doi.org/10.1145/3719027.3760723">10.1145/3719027.3760723</a>.'
  mla: 'Sri Ramulu, Harshini, et al. “Poster: Computer Security Researchers’ Experiences
    with Vulnerability Disclosures.” <i>Proceedings of the 2025 ACM SIGSAC Conference
    on Computer and Communications Security</i>, ACM, 2025, doi:<a href="https://doi.org/10.1145/3719027.3760723">10.1145/3719027.3760723</a>.'
  short: 'H. Sri Ramulu, A.L. Rotthaler, J. Rossel, R. Gonzalez Rodriguez, D. Wermke,
    S. Fahl, T. Kohno, J. Somorovsky, Y. Acar, in: Proceedings of the 2025 ACM SIGSAC
    Conference on Computer and Communications Security, ACM, 2025.'
conference:
  end_date: 2025-10-17
  start_date: 2025-10-13
date_created: 2025-12-02T08:48:00Z
date_updated: 2025-12-02T08:54:18Z
doi: 10.1145/3719027.3760723
keyword:
- software vulnerabilities
- vulnerability disclosure
- security research
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://dl.acm.org/doi/10.1145/3719027.3760723
oa: '1'
publication: Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications
  Security
publication_status: published
publisher: ACM
status: public
title: 'Poster: Computer Security Researchers'' Experiences with Vulnerability Disclosures'
type: conference
user_id: '58331'
year: '2025'
...