Vulnerability Disclosure Program
We maintain transparency about security vulnerabilities and our remediation processes through regular public reporting.
Q3 2024
Remediated
API Authentication Bypass
Identified and patched an edge case in our authentication middleware that could allow unauthorized access under specific conditions.
8.2
CVSS Score
48h
Time to Patch
Q2 2024
Remediated
Cross-Site Scripting (XSS)
Patched a potential DOM-based XSS vulnerability in our admin console interface reported through our bug bounty program.
6.5
CVSS Score
24h
Time to Patch
Q1 2024
Remediated
Privilege Escalation
Fixed a role permission validation issue that could allow temporary elevation of privileges during specific workflows.
7.1
CVSS Score
72h
Time to Patch
Responsible Disclosure Program
We welcome security researchers to report vulnerabilities through our coordinated disclosure program.
Submit Vulnerability Report