If you're looking for security related documentation, head over to docs.

Since Zero Monitor is used in the wild by many people, if you have found a 0 day please report it directly via e-mail to [email protected]. Your reports will be rewarded as shoutouts in our repository!

Any other bugs, security and design flaws that you have encountered, you can open a bug with label "SECURITY" and we will prioritize the ticket. Make sure you include as much valuable information to help triage the ticket ASAP. Some of the information inclue:

Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
Full paths of source file(s) related to the manifestation of the issue
The location of the affected source code (tag/branch/commit or direct URL)
Any special configuration required to reproduce the issue
Step-by-step instructions to reproduce the issue
Proof-of-concept or exploit code (if possible)
Impact of the issue, including how an attacker might exploit the issue

Please communicate in English.

This guide is based on the Microsoft SECURITY.md.