Vulnerability Disclosure

Our Commitment to Security

At PETLIBRO, we are deeply committed to ensuring the security and privacy of our users. We believe in transparency and collaborative security efforts with our user community to maintain the highest standards of protection for our products and services.

What We Consider a Vulnerability

We recognize security vulnerabilities as:
Any system weakness that could potentially expose user data
Technical flaws that might compromise device functionality
Programming defects that could lead to privacy breaches
Security gaps that might affect system integrity

How to Report a Vulnerability

We value your security insights and have established a straightforward reporting process:
Contact Method: Send detailed reports to security@petlibro.com
Essential Information to Include:
  • A clear description of the vulnerability and its potential impact
  • Affected product, service, component, and version number(s)
  • Steps to reproduce the issue, including required configuration or prerequisites
  • Proof of concept, logs, or screenshots (if available and safe to share)

Our Response Commitment

We take all security reports seriously and promise to:
Acknowledge your report within 48 hours
Keep you updated on the resolution progress
Resolved Vulnerabilities Archive
For confirmed vulnerabilities, we release detailed information and remediation measures within 180 business days after completing technical analysis and developing mitigation plans. All vulnerability information remains confidential until official disclosure.
In our commitment to transparency, we maintain a public record of addressed vulnerabilities:

Vulnerability ID Description Found Resolved Status
PL-202511
 At Petlibro, the safety of your pets and the privacy of your data are our highest priorities.. We are committed to transparency and responsible security practices.Recently, a security researcher responsibly reported potential vulnerabilities in our platform. We took immediate action to investigate, validate, and remediate these issues.The reported issues included:Third-party login authentication flow – our system was trusting login identifiers from external providers without fully validating them, meaning the authentication process did not follow standard security practices. This could have allowed unauthorized access if exploited. API device ownership checks – some backend endpoints did not initially verify device ownership properly, which could have allowed access to device information by unauthorized users.Both vulnerabilities were remediated immediately, and we have found no evidence that any data or devices were accessed improperly.Our ResponseAll reported vulnerabilities were reviewed and fixed promptly.Our internal security processes have been strengthened to prevent similar issues in the future.We continue to work with security researchers and follow best practices for responsible disclosure.We are grateful to the researcher who reported these issues responsibly. Their contribution helps us make our products safer for everyone.At Petlibro, security is an ongoing journey. We encourage responsible reporting of vulnerabilities and are committed to continuous improvement to keep our platform safe, private, and reliable. 11/5/2025 Most resolved before 11/15/2025, third-party login fixed on 12/28/2025 since user APP update is a long process. Fixed