diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..3a092d6
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,10 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+If you have any reason to believe that there are security vulnerabilities across any repository in the organisation,
+please report to **[core@catppuccin.com](mailto:core@catppuccin.com)**.
+
+We will respond within **2 - 3 business days.**
+If the report is confirmed to be true, we will make the necessary changes required to fix the issue.
+We will deploy a patch as soon as possible depending on the type of port and complexity of the issue.