We value security for the project very highly. We encourage all users to report any vulnerabilities they discover to us. If you find a security vulnerability in the Appsmith project, please report it responsibly through GitHub's private vulnerability reporting: https://github.com/appsmithorg/appsmith/security/advisories/new.

At this juncture, we don't have a bug bounty program. We are a small team trying to solve a big problem. We urge you to report any vulnerabilities responsibly so that we can continue building a secure application for the entire community.