As part of our 2025 Policy Trial, Project Zero will use this page to publicly track our Reporting Transparency effort. The trial commenced on July 29, 2025 for issues reported since June 1, 2025. We plan to update this page weekly with new information.
Our Vulerability Disclosure FAQ provides more details behind our aims and goals of our policy.
Most recent update: 2025-07-29
Reporting Transparency
| Project Zero Reference | Reported to | Product | Date Reported | 90-day Deadline expires | Grace Period Requested? |
|---|---|---|---|---|---|
| PZ-432439660 | Microsoft | Windows | 2025-07-17 | 2025-10-15 | No |
| PZ-432313668 | Microsoft | Windows | 2025-07-17 | 2025-10-15 | No |
| PZ-428075495 | Dolby | Dolby Unified Decoder | 2025-06-27 | 2025-09-25 | No |
| PZ-426567975 | BigWave | 2025-06-21 | 2025-09-19 | No | |
| PZ-426548270 | BigWave | 2025-06-21 | 2025-09-19 | No | |
| PZ-425917200 | BigWave | 2025-06-19 | 2025-09-17 | No |
Once a vulnerability report is marked as fixed, it will move into the table below. Note that the links to the issues won't be publicly accessible until up to 30 days after the report is marked as fixed (that 30 day period may be shorter if disclosure is requested by the vendor or a grace period was requested and applied).
| Project Zero Reference | Reported to | Issue Title | Date Reported | Date Reported as Fixed | Time until Fixed (Days) | Date First User Device Protected (Date and Link to Device) |
|---|---|---|---|---|---|---|
Subscribe to:
Posts (Atom)