From 0ccaf6c835714440201e58e4796260c224fa1deb Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 4 Feb 2026 11:50:06 +0100
Subject: [PATCH] VULN-DISCLOSURE-POLICY.md: push reports to the web form

Closes #20515
---
 docs/VULN-DISCLOSURE-POLICY.md | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/docs/VULN-DISCLOSURE-POLICY.md b/docs/VULN-DISCLOSURE-POLICY.md
index da767d65ac..94cdc1a5ce 100644
--- a/docs/VULN-DISCLOSURE-POLICY.md
+++ b/docs/VULN-DISCLOSURE-POLICY.md
@@ -31,9 +31,8 @@ announcement.
 
 - The person discovering the issue, the reporter, reports the vulnerability to
   the curl project. Do this [on
-  GitHub](https://github.com/curl/curl/security/advisories) or send an email
-  to `security at curl.se`. Such submissions reach a handful of selected and
-  trusted people.
+  GitHub](https://github.com/curl/curl/security/advisories). Such submissions
+  reach a handful of selected and trusted people.
 
 - Messages that do not relate to the reporting or managing of an undisclosed
   security vulnerability in curl or libcurl are ignored and no further action