Responsible Disclosure

Guidelines for reporting security vulnerabilities responsibly.

Our Commitment

Security is a top priority at Cenvero. We appreciate the security research community's efforts in helping us maintain the security of our systems and the protection of our users.

Reporting Guidelines

If you believe you have discovered a security vulnerability, we encourage you to report it responsibly. Please follow these guidelines:

Provide detailed information about the vulnerability, including steps to reproduce
Allow reasonable time for us to investigate and address the issue before disclosure
Do not access, modify, or delete data belonging to other users
Do not perform actions that could impact service availability
Act in good faith and avoid any violation of privacy or service terms

Out of Scope

Denial of service attacks
Social engineering or phishing attempts
Physical attacks on our infrastructure
Attacks requiring physical access to devices

What to Expect

We will acknowledge receipt of your report within 48 hours and keep you informed of our progress. We are committed to addressing valid security issues promptly and will credit researchers who help us improve our security, where appropriate.

Report a Vulnerability

Send your security reports to:

[email protected]

Last updated: January 2026