Scaling security with responsible disclosure

Source: OpenAI Date: 2025-06-09 URL: https://openai.com/index/scaling-coordinated-vulnerability-disclosure

Summary

OpenAI post from June 2025 on their approach to coordinated vulnerability disclosure — the process by which security researchers report vulnerabilities in OpenAI’s systems, products, and models through structured channels rather than public disclosure. The “scaling” aspect suggests this addressed how the program evolves as OpenAI’s attack surface grows: more products, more API integrations, more agentic capabilities each create new vulnerability categories that require different disclosure processes.

Implications

CVD as security infrastructure. As OpenAI’s products handle more sensitive data and take more autonomous actions, the security research community’s ability to report and receive credit for vulnerability discoveries becomes infrastructure, not just goodwill management. This post is OpenAI building that infrastructure at scale.

Agentic systems expand the security surface. Traditional web application vulnerabilities (XSS, SQLi, CSRF) are different from agentic AI vulnerabilities (prompt injection, tool misuse, cross-user data leakage in agent state). The responsible disclosure framework has to cover both categories, and the model-specific categories are new enough that industry standards don’t yet exist.

Thread: AI security. Sits alongside the safety bug bounty (March 2026), the Codex security preview (March 2026), and the trusted access for cyber post (February 2026) as OpenAI’s security community engagement thread.

Watch: Whether the responsible disclosure process produces public CVEs or security advisories that the broader security community can use to assess OpenAI product risk, or whether disclosures are kept private in ways that reduce broader security community awareness.