Security issues in the Rizin repository should be reported by email to security@rizin.re. Your email will be delivered to a small security team that will handle the report. Your email will be acknowledged within 48 hours, and you'll receive a more detailed response to your email within 72 hours indicating the next steps in handling your report.

For your convenience, we accept reports written in one of the languages listed on our security.txt page, but we prefer reports in English.

If you have not received a reply to your email within 48 hours, or have not heard from the security team for the past week, there are a few steps you can take (in order):

• Directly contact at least one member from Rizin Security Team
• Inform the team over the public chats that you sent a message regarding a security issue.

Important: Don't disclose any information regarding the issue itself in the public chats.