If you discover a security vulnerability in any VinRobotics open-source repository, please report it responsibly rather than disclosing it publicly.

Email: support@vinrobotics.net

Please include the description of the issue, the affected repo, and steps to reproduce if possible.

• Acknowledgement: Within 3 business days
• Initial assessment and severity triage: Within 7 business days
• Resolution or mitigation plan communicated: Within 30 business days
• Critical/high severity issues: Expedited — within 14 business days

We will not take legal action against researchers who report vulnerabilities in good faith, follow this policy, and do not exploit or publicly disclose the issue before we have had reasonable time to respond.

All public repositories under the VinRobotics GitHub organization.

Social engineering, physical attacks, or issues in third-party dependencies not directly introduced by VinRobotics code.