关键信息 Vulnerability Lab: - SEC Consult operates an internal security laboratory to stay ahead of attackers in network and application security. - Provides support for penetration tests and evaluation of new technologies. Responsible Disclosure Policy: - Aimed at providing vendors with necessary information and timeframes to validate and fix security flaws. - Document can be found here. Contact: - Reachable via: - PGP key with fingerprint . CVE Numbering Authority (CNA): - Official CNA with scope for assigning CVE numbers to vulnerabilities discovered in third-party hardware/software. Recent Vulnerabilities: - Unprotected NFC card manipulation leading to free top-up in GiroWeb Cashless Catering Solutions: 29 Oct 2025 - Unauthenticated Local File Disclosure in MPDV Mikrolab MIP 2 / FEDRA 2 / HYDRA X Manufacturing Execution System: 27 Oct 2025 - Multiple Vulnerabilities in EfficientLab WorkExaminer Professional: 21 Oct 2025 - More recent vulnerabilities listed under "All" tab with respective dates.