# Security Policy The only completely secure system is the one that doesn't exist in the first place. Having said that, we take the security of Marked very seriously. ## Reporting a Vulnerability Please disclose potential security issues by email to the project [committers](https://marked.js.org/authors) as well as the [listed owners within NPM](https://docs.npmjs.com/cli/owner). We will provide an initial assessment of security reports within 48 hours and should apply patches within 2 weeks (also, feel free to contribute a fix for the issue).