Annual security audit results

The 2026 annual security audit wrapped on August 28. Two medium findings (both around session token rotation), four low findings (rate limiter edge cases). Zero high or critical findings. We have published the executive summary; the full report is available under NDA to enterprise customers.

Closed before publication

Both medium findings were closed before this post went live. The four low findings are tracked in our public roadmap with target dates by the end of the quarter.

← All posts