Security Policy

Reporting a Vulnerability

If you find a security issue or a vulnerability in Sandworm, please do NOT open an issue.

To report a security issue, please email security@sandworm.dev with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue. This project follows a 90 day disclosure timeline.