# Security Policy

## Versions

As an open source product, we will only patch the latest major version for security vulnerabilities. Previous versions of budibase will not be retroactively patched.

## Disclosing

You can get in touch with us regarding a vulnerability via email at community@budibase.com.

You can also disclose via huntr.dev. If you believe you have found a vulnerability, please disclose it on huntr and let us know.

https://huntr.dev/bounties/disclose

This will enable us to review the vulnerability and potentially reward you for your work.