PGDN OSS is security software. If you believe you have found a vulnerability, please follow these steps.

• Do not open public GitHub issues for security vulnerabilities.
• Contact the maintainers privately via Discord (see org profile / website).

• A clear description of the issue and potential impact
• Steps to reproduce (if possible)
• Any affected repositories, versions/commits, and configs

• We aim to acknowledge reports within 72 hours.
• We will coordinate on a remediation timeline and advisories if needed.
• Credit to reporters is optional; let us know your preference.

This policy covers all repositories under the pgdn-network organization.

Responsible disclosure helps keep decentralized infrastructure safe.