We take security vulnerabilities seriously and appreciate the efforts of security researchers and users who report them responsibly. If you believe you have found a security issue in our systems, please report it to us by emailing [email protected].

To help us triage and address the issue efficiently, please include the following details in your report:

• Affected System/Service: (e.g., Web App, API, Dashboard, etc.)
• Version (if applicable): (e.g., v0.3.1)
• Vulnerability Description: A brief summary of the issue.
• Steps to Reproduce: A clear, step-by-step guide on how to reproduce the issue.
• Impact: An explanation of the potential risk or security implications.
• Supporting Evidence: Any relevant screenshots, logs, or proof-of-concept code.
• Suggested Fix (if applicable): Any recommendations on how to mitigate the vulnerability.

• We will acknowledge receipt of your report; we try within 48 hours.
• Our team will investigate the issue and provide updates on its status; we try within 10 business days.
• If the report is valid, we will work to resolve the issue and may reach out for further details.
• We may publicly acknowledge researchers who report valid issues unless anonymity is requested.

We appreciate your cooperation in responsibly disclosing security vulnerabilities and helping us keep Rho Impact's products secure.