We take the security of SSH3 very seriously. SSH3 is still experimental and under development. If you believe you have found a security vulnerability the current version of SSH3, please report it to us privately, using the following method. We will first fix the vulnerability before making it public if it is serious.