Responsible disclosure
Security
Security reporting guidance for BinderPlug vulnerabilities and sensitive technical issues.
Contact
Where to report
Send vulnerability reports to [email protected]. This route is for security issues, not ordinary support, deletion requests, trade disputes, or bug reports.
In scope
What belongs here
- Account takeover paths.
- Authentication or authorization bypass.
- Data exposure.
- Injection, rate-limit bypass, or abuse paths.
- Dependency vulnerabilities with a BinderPlug impact.
Ground rules
Boundaries
BinderPlug does not currently offer a bug bounty, reward program, or formal safe-harbor commitment. Do not test against real user accounts or production data.