diff --git a/docs/ar/mcp/security.mdx b/docs/ar/mcp/security.mdx
index e968ff9f5..f32440aab 100644
--- a/docs/ar/mcp/security.mdx
+++ b/docs/ar/mcp/security.mdx
@@ -139,7 +139,19 @@ mode: "wide"
- **الالتزام بمواصفات ترخيص MCP**: إذا كنت تنفذ المصادقة والترخيص، اتبع بدقة [مواصفات ترخيص MCP](https://modelcontextprotocol.io/specification/draft/basic/authorization).
- **تدقيقات أمنية منتظمة**: إذا كان خادم MCP يتعامل مع بيانات حساسة، فكر في إجراء تدقيقات أمنية دورية.
-## 5. قراءة إضافية
+## 5. الإبلاغ عن الثغرات الأمنية
+
+إذا اكتشفت ثغرة أمنية في CrewAI، يرجى الإبلاغ عنها بشكل مسؤول من خلال برنامج الكشف عن الثغرات (VDP) الخاص بنا على Bugcrowd:
+
+**أرسل التقارير إلى:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+**لا تكشف** عن الثغرات عبر issues العامة على GitHub أو pull requests أو وسائل التواصل الاجتماعي. لن تتم مراجعة التقارير المقدمة عبر قنوات غير Bugcrowd.
+
+
+لمزيد من التفاصيل، راجع [سياسة الأمان](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md) الخاصة بنا.
+
+## 6. قراءة إضافية
لمزيد من المعلومات التفصيلية حول أمان MCP، راجع التوثيق الرسمي:
- **[أمان نقل MCP](https://modelcontextprotocol.io/docs/concepts/transports#security-considerations)**
diff --git a/docs/ar/security.mdx b/docs/ar/security.mdx
new file mode 100644
index 000000000..c6454cca7
--- /dev/null
+++ b/docs/ar/security.mdx
@@ -0,0 +1,22 @@
+---
+title: سياسة الأمان
+description: تعرف على كيفية الإبلاغ عن الثغرات الأمنية وممارسات الأمان في CrewAI.
+icon: shield
+mode: "wide"
+---
+
+## الإبلاغ عن الثغرات الأمنية
+
+إذا اكتشفت ثغرة أمنية في CrewAI، يرجى الإبلاغ عنها بشكل مسؤول من خلال برنامج الكشف عن الثغرات (VDP) الخاص بنا على Bugcrowd:
+
+**أرسل التقارير إلى:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+**لا تكشف** عن الثغرات عبر issues العامة على GitHub أو pull requests أو وسائل التواصل الاجتماعي. لن تتم مراجعة التقارير المقدمة عبر قنوات غير Bugcrowd.
+
+
+لمزيد من التفاصيل، راجع [سياسة الأمان على GitHub](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md).
+
+## موارد الأمان
+
+- **[اعتبارات أمان MCP](/mcp/security)** — أفضل الممارسات لدمج خوادم MCP بأمان مع وكلاء CrewAI، بما في ذلك أمان النقل ومخاطر حقن الأوامر ونصائح تنفيذ الخادم.
diff --git a/docs/docs.json b/docs/docs.json
index a4dcf4c1f..325accc27 100644
--- a/docs/docs.json
+++ b/docs/docs.json
@@ -369,6 +369,12 @@
"pages": [
"en/telemetry"
]
+ },
+ {
+ "group": "Security",
+ "pages": [
+ "en/security"
+ ]
}
]
},
@@ -839,6 +845,12 @@
"pages": [
"en/telemetry"
]
+ },
+ {
+ "group": "Security",
+ "pages": [
+ "en/security"
+ ]
}
]
},
@@ -1308,6 +1320,12 @@
"pages": [
"en/telemetry"
]
+ },
+ {
+ "group": "Security",
+ "pages": [
+ "en/security"
+ ]
}
]
},
@@ -1777,6 +1795,12 @@
"pages": [
"en/telemetry"
]
+ },
+ {
+ "group": "Security",
+ "pages": [
+ "en/security"
+ ]
}
]
},
@@ -2247,6 +2271,12 @@
"pages": [
"en/telemetry"
]
+ },
+ {
+ "group": "Security",
+ "pages": [
+ "en/security"
+ ]
}
]
},
@@ -2715,6 +2745,12 @@
"pages": [
"en/telemetry"
]
+ },
+ {
+ "group": "Security",
+ "pages": [
+ "en/security"
+ ]
}
]
},
@@ -3186,6 +3222,12 @@
"pages": [
"en/telemetry"
]
+ },
+ {
+ "group": "Security",
+ "pages": [
+ "en/security"
+ ]
}
]
},
@@ -3671,6 +3713,12 @@
"pages": [
"pt-BR/telemetry"
]
+ },
+ {
+ "group": "Segurança",
+ "pages": [
+ "pt-BR/security"
+ ]
}
]
},
@@ -4125,6 +4173,12 @@
"pages": [
"pt-BR/telemetry"
]
+ },
+ {
+ "group": "Segurança",
+ "pages": [
+ "pt-BR/security"
+ ]
}
]
},
@@ -4579,6 +4633,12 @@
"pages": [
"pt-BR/telemetry"
]
+ },
+ {
+ "group": "Segurança",
+ "pages": [
+ "pt-BR/security"
+ ]
}
]
},
@@ -5033,6 +5093,12 @@
"pages": [
"pt-BR/telemetry"
]
+ },
+ {
+ "group": "Segurança",
+ "pages": [
+ "pt-BR/security"
+ ]
}
]
},
@@ -5486,6 +5552,12 @@
"pages": [
"pt-BR/telemetry"
]
+ },
+ {
+ "group": "Segurança",
+ "pages": [
+ "pt-BR/security"
+ ]
}
]
},
@@ -5939,6 +6011,12 @@
"pages": [
"pt-BR/telemetry"
]
+ },
+ {
+ "group": "Segurança",
+ "pages": [
+ "pt-BR/security"
+ ]
}
]
},
@@ -6393,6 +6471,12 @@
"pages": [
"pt-BR/telemetry"
]
+ },
+ {
+ "group": "Segurança",
+ "pages": [
+ "pt-BR/security"
+ ]
}
]
},
@@ -6890,6 +6974,12 @@
"pages": [
"ko/telemetry"
]
+ },
+ {
+ "group": "보안",
+ "pages": [
+ "ko/security"
+ ]
}
]
},
@@ -7356,6 +7446,12 @@
"pages": [
"ko/telemetry"
]
+ },
+ {
+ "group": "보안",
+ "pages": [
+ "ko/security"
+ ]
}
]
},
@@ -7822,6 +7918,12 @@
"pages": [
"ko/telemetry"
]
+ },
+ {
+ "group": "보안",
+ "pages": [
+ "ko/security"
+ ]
}
]
},
@@ -8288,6 +8390,12 @@
"pages": [
"ko/telemetry"
]
+ },
+ {
+ "group": "보안",
+ "pages": [
+ "ko/security"
+ ]
}
]
},
@@ -8753,6 +8861,12 @@
"pages": [
"ko/telemetry"
]
+ },
+ {
+ "group": "보안",
+ "pages": [
+ "ko/security"
+ ]
}
]
},
@@ -9218,6 +9332,12 @@
"pages": [
"ko/telemetry"
]
+ },
+ {
+ "group": "보안",
+ "pages": [
+ "ko/security"
+ ]
}
]
},
@@ -9684,6 +9804,12 @@
"pages": [
"ko/telemetry"
]
+ },
+ {
+ "group": "보안",
+ "pages": [
+ "ko/security"
+ ]
}
]
},
@@ -10181,6 +10307,12 @@
"pages": [
"ar/telemetry"
]
+ },
+ {
+ "group": "الأمان",
+ "pages": [
+ "ar/security"
+ ]
}
]
},
@@ -10647,6 +10779,12 @@
"pages": [
"ar/telemetry"
]
+ },
+ {
+ "group": "الأمان",
+ "pages": [
+ "ar/security"
+ ]
}
]
},
@@ -11113,6 +11251,12 @@
"pages": [
"ar/telemetry"
]
+ },
+ {
+ "group": "الأمان",
+ "pages": [
+ "ar/security"
+ ]
}
]
},
@@ -11579,6 +11723,12 @@
"pages": [
"ar/telemetry"
]
+ },
+ {
+ "group": "الأمان",
+ "pages": [
+ "ar/security"
+ ]
}
]
},
@@ -12044,6 +12194,12 @@
"pages": [
"ar/telemetry"
]
+ },
+ {
+ "group": "الأمان",
+ "pages": [
+ "ar/security"
+ ]
}
]
},
@@ -12509,6 +12665,12 @@
"pages": [
"ar/telemetry"
]
+ },
+ {
+ "group": "الأمان",
+ "pages": [
+ "ar/security"
+ ]
}
]
},
@@ -12975,6 +13137,12 @@
"pages": [
"ar/telemetry"
]
+ },
+ {
+ "group": "الأمان",
+ "pages": [
+ "ar/security"
+ ]
}
]
},
@@ -13291,4 +13459,4 @@
"reddit": "https://www.reddit.com/r/crewAIInc/"
}
}
-}
+}
\ No newline at end of file
diff --git a/docs/en/mcp/security.mdx b/docs/en/mcp/security.mdx
index 4fc84cdeb..0edd7583e 100644
--- a/docs/en/mcp/security.mdx
+++ b/docs/en/mcp/security.mdx
@@ -156,7 +156,19 @@ If you are developing an MCP server that CrewAI agents might connect to, conside
- **Adherence to MCP Authorization Spec**: If implementing authentication and authorization, strictly follow the [MCP Authorization specification](https://modelcontextprotocol.io/specification/draft/basic/authorization) and relevant [OAuth 2.0 security best practices](https://datatracker.ietf.org/doc/html/rfc9700).
- **Regular Security Audits**: If your MCP server handles sensitive data, performs critical operations, or is publicly exposed, consider periodic security audits by qualified professionals.
-## 5. Further Reading
+## 5. Reporting Security Vulnerabilities
+
+If you discover a security vulnerability in CrewAI, please report it responsibly through our Bugcrowd Vulnerability Disclosure Program (VDP):
+
+**Submit reports to:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+**Do not** disclose vulnerabilities via public GitHub issues, pull requests, or social media. Reports submitted via channels other than Bugcrowd will not be reviewed.
+
+
+For full details, see our [Security Policy](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md).
+
+## 6. Further Reading
For more detailed information on MCP security, refer to the official documentation:
- **[MCP Transport Security](https://modelcontextprotocol.io/docs/concepts/transports#security-considerations)**
diff --git a/docs/en/security.mdx b/docs/en/security.mdx
new file mode 100644
index 000000000..ec4c12774
--- /dev/null
+++ b/docs/en/security.mdx
@@ -0,0 +1,22 @@
+---
+title: Security Policy
+description: Learn how to report security vulnerabilities and about CrewAI's security practices.
+icon: shield
+mode: "wide"
+---
+
+## Reporting Security Vulnerabilities
+
+If you discover a security vulnerability in CrewAI, please report it responsibly through our Bugcrowd Vulnerability Disclosure Program (VDP):
+
+**Submit reports to:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+**Do not** disclose vulnerabilities via public GitHub issues, pull requests, or social media. Reports submitted via channels other than Bugcrowd will not be reviewed.
+
+
+For full details, see our [Security Policy on GitHub](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md).
+
+## Security Resources
+
+- **[MCP Security Considerations](/mcp/security)** — Best practices for securely integrating MCP servers with your CrewAI agents, including transport security, prompt injection risks, and server implementation advice.
diff --git a/docs/ko/mcp/security.mdx b/docs/ko/mcp/security.mdx
index dd32747f5..f648e695d 100644
--- a/docs/ko/mcp/security.mdx
+++ b/docs/ko/mcp/security.mdx
@@ -156,7 +156,19 @@ CrewAI 에이전트가 연결할 수 있는 MCP 서버를 개발하고 있다면
- **MCP 인증 사양 준수**: 인증 및 권한 부여를 구현할 경우, [MCP Authorization specification](https://modelcontextprotocol.io/specification/draft/basic/authorization) 및 관련 [OAuth 2.0 security best practices](https://datatracker.ietf.org/doc/html/rfc9700)를 엄격히 준수하세요.
- **정기적인 보안 감사**: MCP 서버가 민감한 데이터를 처리하거나, 중요한 작업을 수행하거나, 대외적으로 노출된 경우 자격을 갖춘 전문가의 정기적인 보안 감사를 고려하세요.
-## 5. 추가 참고 자료
+## 5. 보안 취약점 보고
+
+CrewAI에서 보안 취약점을 발견하셨다면, Bugcrowd 취약점 공개 프로그램(VDP)을 통해 책임감 있게 보고해 주세요:
+
+**보고서 제출:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+공개 GitHub 이슈, 풀 리퀘스트 또는 소셜 미디어를 통해 취약점을 공개하지 **마세요**. Bugcrowd 이외의 채널로 제출된 보고서는 검토되지 않습니다.
+
+
+자세한 내용은 [보안 정책](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md)을 참조하세요.
+
+## 6. 추가 참고 자료
MCP 보안에 대한 자세한 내용은 공식 문서를 참고하세요:
- **[MCP 전송 보안](https://modelcontextprotocol.io/docs/concepts/transports#security-considerations)**
diff --git a/docs/ko/security.mdx b/docs/ko/security.mdx
new file mode 100644
index 000000000..7d90253c6
--- /dev/null
+++ b/docs/ko/security.mdx
@@ -0,0 +1,22 @@
+---
+title: 보안 정책
+description: CrewAI의 보안 취약점 보고 방법과 보안 관행에 대해 알아보세요.
+icon: shield
+mode: "wide"
+---
+
+## 보안 취약점 보고
+
+CrewAI에서 보안 취약점을 발견하셨다면, Bugcrowd 취약점 공개 프로그램(VDP)을 통해 책임감 있게 보고해 주세요:
+
+**보고서 제출:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+공개 GitHub 이슈, 풀 리퀘스트 또는 소셜 미디어를 통해 취약점을 공개하지 **마세요**. Bugcrowd 이외의 채널로 제출된 보고서는 검토되지 않습니다.
+
+
+자세한 내용은 [GitHub 보안 정책](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md)을 참조하세요.
+
+## 보안 리소스
+
+- **[MCP 보안 고려사항](/mcp/security)** — MCP 서버를 CrewAI 에이전트와 안전하게 통합하기 위한 모범 사례로, 전송 보안, 프롬프트 인젝션 위험 및 서버 구현 권장 사항을 포함합니다.
diff --git a/docs/pt-BR/mcp/security.mdx b/docs/pt-BR/mcp/security.mdx
index c62f1d9bc..c89111c54 100644
--- a/docs/pt-BR/mcp/security.mdx
+++ b/docs/pt-BR/mcp/security.mdx
@@ -156,7 +156,19 @@ Se você está desenvolvendo um servidor MCP ao qual agentes CrewAI possam se co
- **Aderência à Especificação de Autorização MCP**: Caso implemente autenticação e autorização, siga estritamente a [especificação de autorização MCP](https://modelcontextprotocol.io/specification/draft/basic/authorization) e as [melhores práticas de segurança OAuth 2.0](https://datatracker.ietf.org/doc/html/rfc9700) relevantes.
- **Auditorias de Segurança Regulares**: Caso seu servidor MCP manipule dados sensíveis, realize operações críticas ou seja exposto publicamente, considere auditorias de segurança periódicas conduzidas por profissionais qualificados.
-## 5. Leituras Adicionais
+## 5. Reportando Vulnerabilidades de Segurança
+
+Se você descobrir uma vulnerabilidade de segurança no CrewAI, por favor reporte de forma responsável através do nosso Programa de Divulgação de Vulnerabilidades (VDP) no Bugcrowd:
+
+**Envie relatórios para:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+**Não** divulgue vulnerabilidades por meio de issues públicas no GitHub, pull requests ou redes sociais. Relatórios enviados por outros canais que não o Bugcrowd não serão analisados.
+
+
+Para mais detalhes, consulte nossa [Política de Segurança](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md).
+
+## 6. Leituras Adicionais
Para informações mais detalhadas sobre segurança MCP, consulte a documentação oficial:
- **[Segurança de Transporte MCP](https://modelcontextprotocol.io/docs/concepts/transports#security-considerations)**
diff --git a/docs/pt-BR/security.mdx b/docs/pt-BR/security.mdx
new file mode 100644
index 000000000..5a95469d5
--- /dev/null
+++ b/docs/pt-BR/security.mdx
@@ -0,0 +1,22 @@
+---
+title: Política de Segurança
+description: Saiba como reportar vulnerabilidades de segurança e sobre as práticas de segurança do CrewAI.
+icon: shield
+mode: "wide"
+---
+
+## Reportando Vulnerabilidades de Segurança
+
+Se você descobrir uma vulnerabilidade de segurança no CrewAI, por favor reporte de forma responsável através do nosso Programa de Divulgação de Vulnerabilidades (VDP) no Bugcrowd:
+
+**Envie relatórios para:** [crewai-vdp-ess@submit.bugcrowd.com](mailto:crewai-vdp-ess@submit.bugcrowd.com)
+
+
+**Não** divulgue vulnerabilidades por meio de issues públicas no GitHub, pull requests ou redes sociais. Relatórios enviados por outros canais que não o Bugcrowd não serão analisados.
+
+
+Para mais detalhes, consulte nossa [Política de Segurança no GitHub](https://github.com/crewAIInc/crewAI/blob/main/.github/security.md).
+
+## Recursos de Segurança
+
+- **[Considerações de Segurança MCP](/mcp/security)** — Melhores práticas para integrar servidores MCP com segurança aos seus agentes CrewAI, incluindo segurança de transporte, riscos de injeção de prompt e conselhos de implementação de servidor.