Skip to content

Security: globaleaks/globaleaks-whistleblowing-software

SECURITY.md

If you've discovered a vulnerability, please refrain from filing a public issue.

We kindly ask that you follow responsible disclosure guidelines, keeping in mind the risks faced by whistleblowers.

To report a vulnerability, please contact us privately via one of the following methods:

For any sensitive information, please encrypt your message using our PGP key: F6EFBDFAD0A3CF4A55085C3E7BBB231D031957FA

We aim to acknowledge reports within 8 hours and address any critical issues with short-term fixes within 2 days, whenever possible.

There aren’t any published security advisories