Security vulnerabilities and other security related findings can be reported via our vulnerability disclosure program or by emailing security-reports@posthog.com.

We currently do not operate a bug bounty program, but we will generously reward you with merch for any actionable security vulnerabilities found.