> ## Documentation Index
> Fetch the complete documentation index at: https://docs.encord.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Vulnerability Disclosure

## How to Submit a Vulnerability

Email vulnerability reports to Encord's Product Security Team at [security@encord.com](mailto:security@encord.com).

## What We Prioritize

To help us triage and resolve your report effectively:

* **Well-written reports in English** have a higher probability of resolution
* **Proof-of-concept code** equips us to better understand and triage the vulnerability
* **Clear context**: Explain how you found the bug, its impact, and potential remediation steps
* **Disclosure plans**: Let us know if you have any public disclosure timeline or intentions

Lower priority may be given to reports that include only crash dumps or automated tool output, or vulnerabilities outside our initial scope.

## What You Can Expect From Us

* **Response within 2 business days** to acknowledge receipt
* **Transparent communication** on expected timeline and any challenges that may extend it
* **Stage notifications** as the vulnerability progresses through our review process
* **Open dialog** to discuss the issue
* **Credit** once the vulnerability has been validated and fixed

If we encounter communication issues or other obstacles, we may bring in a neutral third party to help resolve how best to proceed.
