Report a Security Vulnerability

If you have discovered a security vulnerability on any systems owned or operated by UC Berkeley, please report it to Information Security and Policy:


When reporting a vulnerability, please provide as much information as possible:

  • Your name and contact information
  • Which systems are affected (IP addresses, hostnames, URLs, etc.)
  • Description of the security vulnerability and steps to reproduce the issue
  • Date and time the vulnerability was discovered
  • Any other known resources affected