Report a Vulnerability

At Tuva, we take the security of our systems seriously. If you have identified a vulnerability, we want to hear from you. We work closely with security researchers and commit to addressing reported issues with urgency.

Security Overview

How to Report an Issue

If you have identified a vulnerability on any of our web properties, please follow the steps below:

Contact us directly
Send an email to support@tuvalabs.com with "Security" in the subject line. Include the necessary details to reproduce the vulnerability — screenshots, videos, or step-by-step instructions are all helpful.
Include your contact information
If possible, share your email address and phone number so our security team can follow up if additional information is needed to identify or resolve the issue.
Give us time to respond
If you intend to publish or share the information publicly for educational or other purposes, please give us a reasonable amount of time to fix the problem before disclosure. We will commit to a timeline and keep you updated on progress.
Do not exploit the vulnerability
If the identified vulnerability could be used to extract customer or system information, or to impair the normal functioning of our systems, please do not exploit it. Responsible disclosure requires that the vulnerability not be used for unauthorized access or unlawful gains.

Acknowledgement

We do not have a bounty or cash reward program, but we express our gratitude for genuine responsible disclosures in other ways. If you provide consent, we would be glad to publicly acknowledge your contribution on our Security Hall of Fame.