diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
index eae20fc99d3e5d531c1ee30f42f23e498dae91d9..e651a56a48b79d79933ad4220475656483b2c0d2 100644
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -3,6 +3,11 @@ name: Bug report
 about: You've found a bug with Renovate
 ---
 
+<!--
+      PLEASE DO NOT REPORT ANY SECURITY CONCERNS THIS WAY
+      Email renovate-disclosure@whitesourcesoftware.com instead.
+-->
+
 **What Renovate type, platform and version are you using?**
 
 <!-- Tell us if you're using the hosted App, or if you are self-hosted Renovate yourself. Platform too (GitHub, GitLab, etc) plus which version of Renovate if you're self-hosted. -->