Update SECURITY.md with reporting guidelines (#162608)

Added clarification that all reports will be disclosed within 90 days Pull Request resolved: https://github.com/pytorch/pytorch/pull/162608 Approved by: https://github.com/seemethere, https://github.com/albanD
2025-10-20 12:54:11 +08:00 · 2025-09-11 16:30:26 +00:00
parent fe8cc619b8
commit 8be8b94793
1 changed files with 2 additions and 0 deletions
--- a/SECURITY.md
+++ b/SECURITY.md
@ -16,6 +16,8 @@ However, if you believe you have found a security vulnerability in PyTorch, we e

 Please report security issues using https://github.com/pytorch/pytorch/security/advisories/new

+All reports submitted thru the security advisories mechanism would **either be made public or dismissed by the team within 90 days of the submission**. If advisory has been closed on the grounds that it is not a security issue, please do not hesitate to create an [new issue](https://github.com/pytorch/pytorch/issues/new?template=bug-report.yml) as it is still likely a valid issue within the framework.
+
 Please refer to the following page for our responsible disclosure policy, reward guidelines, and those things that should not be reported:

 https://www.facebook.com/whitehat