> ## Documentation Index
> Fetch the complete documentation index at: https://docs.waycore.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Vulnerability Disclosure

> How to report security issues to Waycore.

If you believe you've found a security vulnerability in Waycore, please email **[security@waycore.com](mailto:security@waycore.com)**.

Helpful details to include:

* A description of the issue and its impact
* Steps to reproduce
* The affected endpoint or component
* Your name or handle if you'd like to be credited

## Scope

In scope: `*.waycore.com` and Waycore's public APIs.

Out of scope: third-party services, social engineering, physical attacks, denial-of-service testing, and findings from automated scanners without demonstrated impact.

## Safe Harbor

We won't pursue legal action against researchers acting in good faith who avoid privacy violations and service disruption, and who give us reasonable time to investigate before public disclosure.

## Bug Bounty

Waycore does not currently operate a paid bug bounty program.