Legal Notice

Last updated: April 2026

Research Ethics

All security research published on this site was conducted ethically and legally. Vulnerabilities were discovered in authorised environments — either systems I own, systems within explicit bug bounty programme scope, or systems where written authorisation was obtained.

No Liability

All CVE advisories, writeups, tools, and research notes are published for educational and defensive security purposes only. GhostVector accepts no liability for any use of information published here against systems without proper authorisation.

Tool Licensing

Security tools published on this site are licensed under the MIT License unless stated otherwise. Use only in authorised environments. The author accepts no liability for misuse.

CVE Attribution

CVE IDs referenced on this site were assigned by authorised CVE Numbering Authorities. All advisories include vendor acknowledgement where provided.

Pseudonymity

GhostVector is a security research pseudonym. The use of a pseudonym is standard practice in the security research community and does not imply any attempt to deceive or evade legal accountability. Research is conducted in full compliance with applicable law.

Contact

Legal inquiries: Contact page (PGP encryption available via PGP key).