If you discover a security vulnerability, please report the issue directly to us from waterhole.dev/support. We will review and respond privately via email. All security vulnerabilities will be promptly addressed.

We are only interested in vulnerabilities that affect Waterhole itself, tested against your own local installation of the software, running the latest version. You can install a local copy of Waterhole by following these installation instructions. Do not test against any Waterhole installation that you don't own, including waterhole.dev.