**Please contact us at [security@photoprism.app](mailto:security@photoprism.app) when you've discovered a potential security issue.**

You are welcome to also report vulnerabilities in third-party applications that we may not be able to fix directly.

At a minimum, your report should include the following:

* Version and architecture
* Vulnerability description
* Reproduction steps

We will then try to reproduce the problem, determine the impact and get back to you as soon as possible.

*Avoid activities that disrupt, degrade, or interrupt our services or compromise other users' data, such as spam, brute force attacks, denial of service attacks, and malicious file distribution.*

### Responsible Disclosure ###

1. Confirm that the vulnerability applies to a current version
2. First share the vulnerability details with us
3. Wait for resolution before sharing details

**Thank you!** 👍