Skip to content
← Security

Researchers

Coordinated disclosure

We welcome responsible reports. This page sets expectations for how we work with you after you reach out.

Report suspected vulnerabilities to security@veln.sh. Please include enough detail that we can reproduce the issue: steps, impact, and affected versions or surfaces.

We aim for an initial response within two business days, acknowledge valid reports, and coordinate remediation and publication timelines with you. Please avoid public disclosure until a fix ships or we agree on a publication date together.

Questions? Back to Security.