We take the security of our software seriously. If you believe you have found a security vulnerability in our software, we encourage you to let us know straight away. We will investigate all legitimate reports and do our best to quickly fix the problem. How to Report a Vulnerability
Do Not Publicly Disclose: Publicly disclosing a vulnerability can put the entire community at risk. If you've found a security issue, please refrain from disclosing it publicly and instead let us handle it.
Contact: Send an DM to @TimoCodes in X. Include as much information as possible about the vulnerability or malicious links. Descriptions, proof-of-concept, steps to reproduce, and impact analysis are highly valuable.
Timing: After reporting a vulnerability, give us a reasonable amount of time to fix the issue before you disclose it to others.
Anonymous Reporting: If you prefer to stay anonymous, you can use free email services like ProtonMail to create an anonymous account.
Acknowledge receipt of your vulnerability report. Provide an estimated time frame for addressing the vulnerability report. Notify you when the vulnerability is fixed.
We appreciate your efforts in keeping our project safe and thank the security research community for their responsible disclosure practices.