Security

Report a vulnerability

SECURITY.md

Security Policy

The Koko Analytics team and community take potential security issues in our software seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.

Reporting a Vulnerability

To report a security issue, please email us at support@kokoanalytics.com or use the GitHub Security Advisory "Report a Vulnerability" tab.

Arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import
GHSA-jgfh-264m-xh3q published Jan 19, 2026 by dannyvankooten

High

Learn more about advisories related to ibericode/koko-analytics in the GitHub Advisory Database