When you think you've discovered a security issue, please contact us at hello@photoprism.app.

Your report should at least include the following:

• Version and architecture
• Vulnerability description
• Reproduction steps

We will then try to reproduce it, determine the impact, and get back to you as soon as possible.

Please also report vulnerabilities in third-party applications.

• Only test for vulnerabilities on your own PhotoPrism instance
• Confirm the vulnerability applies to a supported version
• Share vulnerability details with us first
• Wait for a fix before publicly sharing details