diff --git a/README.md b/README.md
index 8701e27a..3d7a413d 100644
--- a/README.md
+++ b/README.md
@@ -41,7 +41,7 @@ Community Edition, five/three nodes free and Home & Student users can get suppor
* **Ask our AI bot** by clicking the **Ask AI** button in the bottom right of this documentation site. Our AI chatbot pulls from a number of sources and is a great place to start when looking for help.
* **Ask questions** either in our [GitHub Discussions](https://github.com/orgs/portainer/discussions/categories/help) forum or the [community Slack channel](https://portainer.io/slack). Other platforms exist (Reddit, Discord, Stack Overflow) but we are less active in those spaces.
* **Log bugs** in [GitHub Issues](https://github.com/portainer/portainer/issues) so they can be properly managed.
-* **Flag vulnerabilities** by emailing [security@portainer.io](mailto:security@portainer.io) so we can deal with them immediately.
+* **Report any security vulnerabilities** by emailing [security@portainer.io](mailto:security@portainer.io) or by [opening a vulnerability report in GitHub](https://github.com/portainer/portainer/security/advisories/new) so the issue can be reviewed and addressed as quickly as possible.
* **Flag documentation issues** via our [GitHub documentation channel](https://github.com/portainer/portainer-docs/issues) (or start [contributing](contribute/contribute.md) and make our documentation better!).
### Business Edition Customers
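Review bot: The reworded bullet on the `+` line no longer tells reporters what not to do, while the bullet directly above it still points people at public GitHub Issues; since the new "Reporting security vulnerabilities" section in contribute.md explicitly says "Please do not report security vulnerabilities through public channels, including standard GitHub issues", consider carrying that sentence (or a link to the new `faqs/contributing/how-do-i-report-a-security-vulnerability.md` page) into this bullet so the README gives the same guidance as the contributing guide.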
diff --git a/SUMMARY.md b/SUMMARY.md
index b43ec835..53f011f4 100644
--- a/SUMMARY.md
+++ b/SUMMARY.md
@@ -415,6 +415,7 @@
* [How do I raise a feature request?](faqs/contributing/how-do-i-raise-a-feature-request.md)
* [How do you decide which bugs and features to work on first?](faqs/contributing/how-do-you-decide-which-bugs-and-features-to-work-on-first.md)
* [How do I log a Support Request?](faqs/contributing/how-do-i-log-a-support-request.md)
+ * [How do I report a security vulnerability?](faqs/contributing/how-do-i-report-a-security-vulnerability.md)
* [Known issues](faqs/known-issues/README.md)
* [Edge stacks do not support authenticating to deploy applications from private registries](faqs/known-issues/edge-stacks-do-not-support-authenticating-to-deploy-applications-from-private-registries.md)
* [Known issues with VMware](faqs/known-issues/known-issues-with-vmware.md)
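Review bot: The added SUMMARY.md entry `+ * [How do I report a security vulnerability?]` shows one more leading space than the neighbouring `* [How do I log a Support Request?]` entry; please confirm the indentation matches its siblings, otherwise GitBook may nest the new FAQ under the support-request page instead of alongside it.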
diff --git a/contribute/contribute.md b/contribute/contribute.md
index 6b1eb485..5f3b1444 100644
--- a/contribute/contribute.md
+++ b/contribute/contribute.md
@@ -12,6 +12,16 @@ The following guidelines outline our engineering workflows, please review these
## Contributing to the Portainer CE codebase
+{% hint style="warning" %}
+### AI assistance notice
+
+If you use any form of AI assistance to create your contribution - whether for code, documentation, or drafting pull request (PR) responses - it must be disclosed in your pull request description.
+
+Trivial assistance, like single-word auto-completion, does not require disclosure. Disclosing AI usage helps maintainers apply the correct level of scrutiny during review.
+
+For commits where an AI tool has significantly contributed to the code, it is recommended to add a Co-Authored-By trailer in the commit message to formally credit the tool, using the format specified by the tool's provider.
+{% endhint %}
+
The Portainer CE codebase is available in [GitHub](https://github.com/portainer/portainer). Please follow our [build instructions](build/) and the following guidelines when making a contribution.
### Repository structure
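Review bot: After this move the `## Contributing to the Portainer CE codebase` heading is immediately followed by the hint block containing `### AI assistance notice`, and only then by the section's introductory sentence ("The Portainer CE codebase is available in GitHub..."), so "AI assistance notice" becomes the first subsection in the table of contents ahead of "Repository structure". If the intent is to make the notice prominent, consider placing it directly after that intro sentence, or dropping the `###` inside the hint so the notice reads as a callout rather than a subsection.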
@@ -45,16 +55,6 @@ The Portainer CE codebase is available in [GitHub](https://github.com/portainer/
* **Documentation**: Update relevant docs (e.g. README, usage notes) when changing functionality.
* **Scope**: Focus on well-defined features, fixes, or improvements. Large architectural changes should be discussed in an issue first.
-{% hint style="warning" %}
-### AI assistance notice
-
-If you use any form of AI assistance to create your contribution - whether for code, documentation, or drafting pull request (PR) responses - it must be disclosed in your pull request description.
-
-Trivial assistance, like single-word auto-completion, does not require disclosure. Disclosing AI usage helps maintainers apply the correct level of scrutiny during review.
-
-For commits where an AI tool has significantly contributed to the code, it is recommended to add a Co-Authored-By trailer in the commit message to formally credit the tool, using the format specified by the tool's provider.
-{% endhint %}
-
### Communication
* For significant changes or new features, use [GitHub Discussions](https://github.com/orgs/portainer/discussions/categories/ideas) to start a discussion before starting the change.
@@ -66,6 +66,19 @@ If you find a bug, [please tell us](https://github.com/portainer/portainer/issue
[This article](../faqs/contributing/how-do-you-decide-which-bugs-and-features-to-work-on-first.md) covers how we prioritize bug fixes.
+## Reporting security vulnerabilities
+
+The Portainer team takes the security of our products seriously. If you believe you have discovered a security vulnerability in any Portainer-owned repository, please report it responsibly.
+
+Plase do not report security vulnerabilities through public channels, including standard GitHub issues.
+
+Instead, report vulnerabilities using one of the following methods:
+
+* Email the Portainer team at [security@portainer.io](mailto:security@portainer.io)
+* [Submit a private vulnerability report](https://github.com/portainer/portainer/security/advisories/new) through the relevant Portainer repository on GitHub
+
+These channels allow the team to review and address the issue as quickly as possible while minimizing the risk of public exposure before a fix is available.
+
## Feature requests
You can request new features by posting an Idea in our [GitHub Discussions](https://github.com/orgs/portainer/discussions/categories/ideas) forum. Please check to see if someone has already requested the feature you want, and give it an upvote if so.
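Review bot: Typo on the added line "Plase do not report security vulnerabilities through public channels" (should be "Please"; the same sentence in the new FAQ file is spelled correctly). Two further points in this section: the bullet text says "through the relevant Portainer repository on GitHub" but the link is hard-coded to `https://github.com/portainer/portainer/security/advisories/new`, so either reword to name that repository or link to the advisory page of each repository you intend to accept reports for; and the whole section is a verbatim copy of `faqs/contributing/how-do-i-report-a-security-vulnerability.md`, which will drift over time, so consider keeping the full text in one place and linking to it from the other.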
diff --git a/faqs/contributing/how-do-i-report-a-security-vulnerability.md b/faqs/contributing/how-do-i-report-a-security-vulnerability.md
new file mode 100644
index 00000000..37b4cd74
--- /dev/null
+++ b/faqs/contributing/how-do-i-report-a-security-vulnerability.md
@@ -0,0 +1,12 @@
+# How do I report a security vulnerability?
+
+The Portainer team takes the security of our products seriously. If you believe you have discovered a security vulnerability in any Portainer-owned repository, please report it responsibly.
+
+Please do not report security vulnerabilities through public channels, including standard GitHub issues.
+
+Instead, report vulnerabilities using one of the following methods:
+
+* Email the Portainer team at [security@portainer.io](mailto:security@portainer.io)
+* [Submit a private vulnerability report](https://github.com/portainer/portainer/security/advisories/new) through the relevant Portainer repository on GitHub
+
+These channels allow the team to review and address the issue as quickly as possible while minimizing the risk of public exposure before a fix is available.
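Review bot: The second bullet's link to `https://github.com/portainer/portainer/security/advisories/new` is fixed to the `portainer/portainer` repository while the sentence says "through the relevant Portainer repository", which leaves reporters of an issue in another Portainer-owned repository unsure where to file; either state that the portainer/portainer advisory form is the single intake point or make the link generic. It would also help reporters if the page said what a useful report contains (affected version, environment, reproduction steps) and what they can expect after submitting (acknowledgement, coordinated disclosure), since the page currently only lists the two channels.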