Do not report vulnerabilities through public GitHub issues, discussions, pull requests, or any other public form of communication.

Please directly email security@forwardemail.net to report vulnerabilities. Depending on the severity of the vulnerability, and to our sole discretion, we may choose to award a bug bounty for the vulnerability disclosure.