We value security for the project very highly. We encourage all users to report any vulnerabilities they discover to us. If you find a security vulnerability in the Appsmith project, please report it responsibly by sending an email to security@appsmith.com.
At this juncture, we don't have a bug bounty program. We are a small team trying to solve a big problem. We urge you to report any vulnerabilities responsibly so that we can continue building a secure application for the entire community.