Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations.

If you believe you have found a security vulnerability, please report it to the Microsoft Security Response Center (MSRC) at https://msrc.microsoft.com/create-report.

If you prefer to submit without logging in, you can email [email protected]. If possible, encrypt your message using the Microsoft Security Response Center PGP Key, available at Microsoft PGP Key.

More details about Microsoft's vulnerability disclosure policy can be found at Coordinated Vulnerability Disclosure.

For bug bounty eligibility, visit Microsoft Bug Bounty Program.

Preferred Language: English.