If you think you have found a security vulnerability, please send a report to [email protected]. This address can be used for all of United's open source and commercial products. We can accept only vulnerability reports at this address.

United Manufacturing Hub will send you a response indicating the next steps in handling your report. After the initial reply to your report, the security team will keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.

Important: We ask you to not disclose the vulnerability before it have been fixed and announced, unless you received a response from the UMH security team that you can do so.

We maintain a category on the community site called Security Announcements, where we will post a summary, remediation, and mitigation details for any patch containing security fixes.