WinBoat takes security very seriously, if you believe you have found a security vulnerability within WinBoat, do the following steps:

1. Construct a PoC (Proof of Concept) showcasing how the vulnerability can be used in real world scenarios.
2. Make a video showcasing the vulnerability.
3. Send an email to [email protected] with the subject line [SECURITY] Example Vulnerability or contact any maintainer on Discord (faster).
4. We will respond as soon as possible and begin working on a fix if your vulnerability qualifies. During this time, please avoid disclosing it to any third parties or the general public for obvious reasons. Our commit messages will likely not indicate that it's a fix for a security vulnerability in specific, this is to minimize any N-day attacks.
5. A release will be made including the fix for the vulnerability, which will be mentioned in the patch notes.