We take security seriously at Zap and appreciate the efforts of security researchers who help keep our users safe.

If you believe you've found a security vulnerability, please follow responsible disclosure practices and do not open a public GitHub issue, as this could expose the vulnerability before a fix is available.

Instead, please open a private GitHub Security Advisory.

We will acknowledge your report promptly and work with you to understand and resolve the issue as quickly as possible.