If you discover a security vulnerability within PocketBase, please send an e-mail to support at pocketbase.io.

This is non-commercial personal open source project, so there are no bounties!

All reports will be promptly addressed and you'll be credited in the fix release notes.