Nuclino is committed to protecting and safeguarding all information and data that is entrusted to us. That's why we offer a clear process for reporting weaknesses you may have found in our systems.
If you believe you have found a security vulnerability in a Nuclino system, please send us an email at security@nuclino.com.
Avoid disrupting our systems, destroying data, and violating the privacy of others.
Please give us a reasonable amount of time to address the issue before disclosing it.
Keep any communication regarding the vulnerability confidential.
Act in good faith. You should report the vulnerability to us with no conditions attached.
Denial of service
Credential stuffing
Spamming
Social engineering
Low severity vulnerabilities (e.g. classified as P4 or P5 according to Bugcrowd’s Vulnerability Rating Taxonomy)
Nuclino pays rewards based on the severity of reported issues. We take the ease of exploitation and impact on our customers and business into account. Issues are classified according to the taxonomy of Bugcrowd where applicable. Please note that we do not pay rewards for any out-of-scope vulnerabilities.