To safely disclose a vulnerability to our development team, please contact us beforehand at [email protected].

We urge researchers to not publish security vulnerabilities with our product(s) until a release containing a fix has been published. We aim to respond to vulnerabilities within 1 working week. If you report a vulnerability, we will notify you on how we intend to pursue the issue and if we require further interaction.

The issues tab on the GitHub Repository is not intended to be used for disclosure and should not been seen as such. When making a report, please make sure to include as much as detail as possible, including methods of reproduction, and possible theories on how it was caused.