If you've discovered a potential security issue in jrnl, please contact the maintainers at maintainers@jrnl.sh.
You can also feel free to open an issue (but please don't disclose the vulnerability) in case the email goes to spam.
You can find known privacy and security issues in our documentation.