If you discover a security vulnerability in this SDK, please report it privately via email to cve@bilouro.com.

Do not open a public GitHub issue for security vulnerabilities.

You should receive a response within 48 hours. We will coordinate disclosure with you and credit you in the advisory if you wish.

This policy covers the eupago Python package only. For vulnerabilities in the eupago payment gateway itself, contact eupago directly at suporte@eupago.pt.