If you discover a security vulnerability in Uncord, please report it responsibly. Do not open a public issue.

Email: ty@uncord.chat

Include as much detail as possible:

• Description of the vulnerability
• Steps to reproduce
• Potential impact
• Suggested fix (if any)

You should receive an acknowledgment within 48 hours. We will work with you to understand the issue and coordinate a fix before any public disclosure.

Only the latest release is supported with security updates.

This policy covers the Uncord server and its first-party dependencies. Third-party plugins and community forks are outside scope.