From 8693623b134b379a2eebea14db2f48fd7545b160 Mon Sep 17 00:00:00 2001 From: Andrey Antukh Date: Wed, 11 Feb 2026 08:11:04 +0100 Subject: [PATCH] :paperclip: Update SECURITY.md file --- SECURITY.md | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 8798c66f57..77896640b3 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,4 +2,30 @@ ## Reporting a Vulnerability -Please report security issues to `support@penpot.app` \ No newline at end of file +We take the security of this project seriously. If you have discovered +a security vulnerability, please do **not** open a public issue. + +Please report vulnerabilities via email to: **[support@penpot.app]** + + +### What to include: + +* A brief description of the vulnerability. +* Steps to reproduce the issue. +* Potential impact if exploited. + +We appreciate your patience and your commitment to **responsible disclosure**. + +--- + +## Security Contributors + +We are incredibly grateful to the following individuals and +organizations for their help in keeping this project safe. + +* **Ali Maharramli** – for identifying critical path traversal vulnerability + + +> **Note:** This list is a work in progress. If you have contributed +> to the security of this project and would like to be recognized (or +> prefer to remain anonymous), please let us know.