1*01826a49SYabin Cui# Reporting and Fixing Security Issues 2*01826a49SYabin Cui 3*01826a49SYabin CuiPlease do not open GitHub issues or pull requests - this makes the problem immediately visible to everyone, including malicious actors. Security issues in this open source project can be safely reported via the Meta Bug Bounty program: 4*01826a49SYabin Cui 5*01826a49SYabin Cuihttps://www.facebook.com/whitehat 6*01826a49SYabin Cui 7*01826a49SYabin CuiMeta's security team will triage your report and determine whether or not is it eligible for a bounty under our program. 8*01826a49SYabin Cui 9*01826a49SYabin Cui# Receiving Vulnerability Notifications 10*01826a49SYabin Cui 11*01826a49SYabin CuiIn the case that a significant security vulnerability is reported to us or discovered by us---without being publicly known---we will, at our discretion, notify high-profile, high-exposure users of Zstandard ahead of our public disclosure of the issue and associated fix. 12*01826a49SYabin Cui 13*01826a49SYabin CuiIf you believe your project would benefit from inclusion in this list, please reach out to one of the maintainers. 14*01826a49SYabin Cui 15*01826a49SYabin Cui<!-- Note to maintainers: this list is kept [here](https://fburl.com/wiki/cgc1l62x). --> 16