When you think you've discovered a security issue, please contact us at hello@photoprism.app.
Your report should at least include the following:
- Version and architecture
- Vulnerability description
- Reproduction steps
We will then try to reproduce it, determine the impact, and get back to you as soon as possible.
Please also report vulnerabilities in third-party applications.
- Only test for vulnerabilities on your own PhotoPrism instance
- Confirm the vulnerability applies to a supported version
- Share vulnerability details with us first
- Wait for a fix before publicly sharing details