Wind River Security Center 

Wind River is committed to active threat monitoring, rapid assessment, proactive customer notification, and timely fixes to help you navigate an evolving threat landscape.

 

PSIRT

WIND RIVER PRODUCT SECURITY INCIDENT RESPONSE TEAM

The Wind River® Product Security Incident Response Team (PSIRT) leads the receipt, coordination, and timely resolution of product security vulnerabilities, alerts, and incidents across our supported products. The PSIRT works with customers, authorities, the security community, and our Security Office for Secure Development Lifecyle (SDL) polices and standards that empower our development teams and security champions with processes and procedures to identify and resolve, in a timely manner, supported product security issues — aligned to the FIRST.org PSIRT Services Framework and the ISO/IEC 30111 and 29147 standards.

» PSIRT Policy

REPORT A VULNERABILITY

If you have information about a security vulnerability in a Wind River product, you can report the issue confidentially to our PSIRT, who will review your submission and contact you for a resolution plan.

» Report Vulnerability

Wind River Secure Development Lifecycle

Wind River helps development teams achieve cost-effective compliance for an adequate cybersecurity posture, building a trusted supply chain through product development, delivery, and support.

Learn About Our SDL

CVE Resources

Fixes & Patches

Access our searchable database of Common Vulnerabilities and Exposures (CVEs).

Search the database

Recent CVEs

Wind River is committed to active threat monitoring, proactive customer notification, and timely fixes. Check out the remediation information on some of the latest vulnerabilities.

View Notices Search All Patches

Public Release Keys

Wind River protocol includes the use of PGP keys to sign our software. Use this public release key to sign content from your project:

Linux

EU CYBER RESILIENCE ACT

The Cyber Resilience Act (CRA) is European Union (EU) legislation that introduces cybersecurity rules that apply to manufacturers, importers, and distributors of products with digital elements, and it covers both hardware and software.

Learn About CRA