Please report security vulnerabilities by emailing: [email protected]

• We will acknowledge your email within 72 hours
• We will provide regular updates about our progress
• Once the issue is confirmed and fixed, we may ask you to verify the solution

• Please do not disclose the vulnerability publicly until we have had a chance to address it
• We do not offer bounties as we are a non-profit organization
• We appreciate your efforts to responsibly disclose your findings

You can use the above email to report vulnerabilities in p5.js and related repositories managed by the processing org, including the reference website.