Please Note: This is a hobby project targeted to run on trusted internal networks. Authentication/Authorization features are implemented for identity control and access management, and while it MAY be sufficient in more hostile environments, it is not built with that as a primary goal.

For most issues (e.g., minor bugs, enhancements, or theoretical vulnerabilities that require significant access or specific conditions), please open a GitHub Issue.

If you discover a critical vulnerability that could actively put users at risk (e.g., unauthenticated RCE, trivial auth bypass on exposed ports), please report it via email to brwyatt+dffmpeg-security@gmail.com.

I will make a best-effort attempt to review and address critical reports, but please understand this is a side project without a dedicated security team or SLA.