If you discover a security vulnerability in any of our SDKs, tools, services, or repositories, please help us keep the community safe by reporting it responsibly.

You can report security vulnerabilities by emailing security@avaloniaui.net.

Please avoid disclosing the issue publicly until we have had a reasonable amount of time to investigate and release a patch or mitigation. We review all legitimate reports and will work with you to quickly resolve the issue.

Please note that Avalonia does not operate a bug bounty programme.