From ec4424265a8c9ec6eb1606b9bab6dd8770ed1a5c Mon Sep 17 00:00:00 2001
From: Daniel <845765@qq.com>
Date: Mon, 2 Mar 2026 22:41:37 +0800
Subject: [PATCH] :memo: Update security report

Signed-off-by: Daniel <845765@qq.com>
---
 .github/SECURITY.md | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/.github/SECURITY.md b/.github/SECURITY.md
index d607a3f80..b1c56dd88 100644
--- a/.github/SECURITY.md
+++ b/.github/SECURITY.md
@@ -1,8 +1,12 @@
 # Security report
 
-If you find security-related vulnerabilities, please inform us in any of the following ways:
+If you find security-related vulnerabilities, please create a Security Advisories:
 
-* Open Issue directly (please hide sensitive information such as site and actual project)
-* Send an email to 845765@qq.com
+https://github.com/siyuan-note/siyuan/security/advisories/new
+
+Some areas we don't consider security vulnerabilities:
+
+* Arbitrary file write: Writing files outside the workspace path (e.g., exporting files) is a common user need
+* SQL injection
 
 Thank you very much!