SECURITY VULNERABILITY REPORT

How to report a security vulnerability

If you have information about a security vulnerability with a CMF by Nothing product or technology, please send an e-mail to infosec@cmf.tech
Encrypt sensitive information using our PGP public key. Please provide more detailed information, including:
  • The products and software versions
  • Detailed description
  • Information on known exploits
A member of the CMF by Nothing Security Team will review your e-mail and contact you to collaborate on resolving the issue.
infosec@cmf.tech only collects security vulnerabilities related to CMF by Nothing products. If you have other product related issues, please give feedback on https://intl.cmf.tech/pages/contact.


PGP Public Keys

Use the public PGP key to encrypt email with sensitive information and to verify that security communications sent by CMF by Nothing are genuine.
  • Active Date: December 4, 2023
  • Expiration Date: Never
  • Key ID: 5FC6 17E8
  • Key Type: RSA
  • Fingerprint: BC02435AAC1506132BD2235BAA45224A5FC617E8
  • User ID: infosec@cmf.tech