📎 Update SECURITY.md file

2026-02-12 14:42:56 +00:00 · 2026-02-11 08:11:04 +01:00
parent f4d07a3c36
commit 8693623b13
1 changed files with 27 additions and 1 deletions
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -2,4 +2,30 @@

 ## Reporting a Vulnerability

-Please report security issues to `support@penpot.app`
+We take the security of this project seriously. If you have discovered
+a security vulnerability, please do **not** open a public issue.
+
+Please report vulnerabilities via email to: **[support@penpot.app]**
+
+
+### What to include:
+
+* A brief description of the vulnerability.
+* Steps to reproduce the issue.
+* Potential impact if exploited.
+
+We appreciate your patience and your commitment to **responsible disclosure**.
+
+---
+
+## Security Contributors
+
+We are incredibly grateful to the following individuals and
+organizations for their help in keeping this project safe.
+
+* **Ali Maharramli** – for identifying critical path traversal vulnerability
+
+
+> **Note:** This list is a work in progress. If you have contributed
+> to the security of this project and would like to be recognized (or
+> prefer to remain anonymous), please let us know.