At Orca, we take security seriously and appreciate your help in disclosing any vulnerabilities responsibly and privately.

To report a security issue, please email us at address disclosure@orca.security

Important:

1. Please do not create a Github issue for security vulnerabilities.
2. Please do not disclose the vulnerability publicly until we have addressed it and provided guidance on the disclosure.
3. Please include the following details in your report:
   • Description of the vulnerability
   • Steps to reproduce the vulnerability
   • Any additional information or context that might be helpful

Submission of reports by any means is subject to Orca's Vulnerability Disclosure Policy. Please make sure to read and accept before submitting your report.