Vulnerability Disclosure Program

We maintain transparency about security vulnerabilities and our remediation processes through regular public reporting.

Q3 2024 Remediated

API Authentication Bypass

Identified and patched an edge case in our authentication middleware that could allow unauthorized access under specific conditions.

8.2
CVSS Score
48h
Time to Patch
View Full Report
Q2 2024 Remediated

Cross-Site Scripting (XSS)

Patched a potential DOM-based XSS vulnerability in our admin console interface reported through our bug bounty program.

6.5
CVSS Score
24h
Time to Patch
View Full Report
Q1 2024 Remediated

Privilege Escalation

Fixed a role permission validation issue that could allow temporary elevation of privileges during specific workflows.

7.1
CVSS Score
72h
Time to Patch
View Full Report

Responsible Disclosure Program

We welcome security researchers to report vulnerabilities through our coordinated disclosure program.

Submit Vulnerability Report