Please email security@filevanish.com with details. Do not open public GitHub issues for security bugs.
We aim to respond within 48 hours.
- Vulnerabilities in this codebase
- Issues affecting client-side encryption integrity
- Authentication/authorization bypasses
- Out-of-scope: bugs only reproducible with deprecated dependencies, social-engineering reports, denial-of-service via volume
We follow coordinated disclosure. Please give us a reasonable window to fix before public disclosure.