Acme Sensors follows a coordinated vulnerability disclosure process aligned with ISO/IEC 29147. Security researchers who discover vulnerabilities in our products should report them via our security contact form or email. We acknowledge receipt within 2 business days, provide an initial assessment within 10 business days, and work with the reporter to agree on a disclosure timeline. We do not pursue legal action against researchers acting in good faith. We credit researchers in our security advisories unless they prefer anonymity.