Security Disclosures

At Decemble, we train security engineers. We respect the hacker community and welcome responsible disclosure of vulnerabilities in our platform.

Vulnerability Disclosure Program

If you believe you have found a security vulnerability in Decemble, please submit a report to security@decemble-learn.dev.

Please allow up to 72 hours for our team to respond.
Do not publicly disclose the vulnerability until we have patched it.
Do not execute destructive attacks (e.g., dropping databases) as proof of concept.