Our vulnerability disclosure policy is simple: Do not disclose serious vulnerabilities in public, unless they already have been - by ourselves or Dependabot.

You can always contact us directly on Discord. Feel free to send a private message to one of our admins there, or send one to the ModMail bot to contact the entire staff team. We're happy to address any concerns you may have, and we'd love to hear from you if there's an issue that needs fixing.