We take the security of DataCore VietNam software and data seriously. If you believe you have found a security vulnerability, please report it to us privately. Do not open a public issue.

Report vulnerabilities by either:

• Using GitHub's private vulnerability reporting on the affected repository, or
• Emailing contact@datacore.vn

Please include:

• A description of the vulnerability and its potential impact
• Steps to reproduce, or a proof of concept
• Affected versions, repositories, or endpoints
• Any suggested remediation

• We will acknowledge your report within 3 business days.
• We will provide an assessment and expected timeline within 10 business days.
• We will keep you informed as we work on a fix.
• We will credit you in the advisory once resolved, unless you prefer otherwise.

This policy applies to all repositories in the DataCore-VietNam organization. Please do not access, modify, or exfiltrate data that does not belong to you, and do not run denial-of-service tests against our systems.