1 files changed, 48 insertions, 0 deletions

diff --git a/.github/ISSUE_TEMPLATE/04-vuln.yml b/.github/ISSUE_TEMPLATE/04-vuln.yml
new file mode 100644
index 0000000000..dd14aeeb97
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/04-vuln.yml
@@ -0,0 +1,48 @@
+name: Go vulnerability management - bugs and feature requests
+description: Issues or feature requests about Go vulnerability management
+title: "x/vuln: "
+labels: ["vulncheck", "vulndb"]
+body:
+  - type: markdown
+    attributes:
+      value: "Please answer these questions before submitting your issue. Thanks! To add a new vulnerability to the Go vulnerability database (https://vuln.go.dev), see https://go.dev/s/vulndb-report-new. To report an issue about a report, see https://go.dev/s/vulndb-report-feedback."
+  - type: input
+    id: go-version
+    attributes:
+      label: go version
+      description: What version of Go are you using (`go version`)?
+      placeholder: ex. go version go1.20.7 darwin/arm64
+    validations:
+      required: true
+  - type: textarea
+    id: reproduce-latest-version
+    attributes:
+      label: "Does this issue reproduce at the latest version of golang.org/x/vuln?"
+    validations:
+      required: true
+  - type: textarea
+    id: os-and-processor
+    attributes:
+      label: "What operating system and processor architecture are you using (`go env`)?"
+      render: shell
+    validations:
+      required: true
+  - type: textarea
+    id: what-did-you-do
+    attributes:
+      label: "What did you do?"
+      description: "If possible, provide a recipe for reproducing the error. A complete runnable program is good. A link on go.dev/play is best."
+    validations:
+      required: true
+  - type: textarea
+    id: expected-behavior
+    attributes:
+      label: "What did you expect to see?"
+    validations:
+      required: true
+  - type: textarea
+    id: actual-behavior
+    attributes:
+      label: "What did you see instead?"
+    validations:
+      required: true