If you think you have discovered a security issue within any part of this codebase, please let us know by providing a description of the flaw and any related information (e.g. steps to reproduce, version, etc.). There are two ways to report a security bug:

The first way is to submit a report to OpenBugBounty. This way of submitting a report will make you eligible for a bounty but will require you to follow a certain process, including possible limitations on when the results can be publicly disclosed.

If you do not wish to submit via OpenBugBounty, then you can send us a direct email at michel@cobrowser.xyz. This way of submitting a report will not make you eligible for a bounty but will allow you to responsibly disclose on your terms.