Security

Security at Midorimax

We take security seriously from day one. This page documents the posture of the Midorimax Core Platform and how to report a vulnerability.

Argon2id password hashing

Modern memory-hard hashing for all credentials.

Hardened HTTP defaults

Strict transport, sane CSP, framing protection, referrer policy.

Audit log + login history

Privileged actions and authentication attempts are logged for review.

Coordinated disclosure

We respond to security reports within 72 hours.

Report a vulnerability

Email security@midorimax.com with a clear description, reproduction steps and any proof-of-concept. We acknowledge reports within 72 hours and will keep you updated through resolution.

security@midorimax.com

Please do not run automated scanners against production, do not access other users' data, and do not publicly disclose issues until they are resolved.