Security Audit 2026 by cure53
Security has always been at the core of what we do at Psono. That is why we are sharing the results of our most recent security audit, conducted by Cure53. This white-box penetration test and source code audit focused on the Psono Console UI, Console API, and Console Admin components.
“None of the findings exceeded an impact score of Low. A multitude of typical errors and vulnerabilities are successfully negated, reflecting the development team’s acute awareness of web application security.” — Cure53 Security Report, March 2026
What the Audit Covered
The audit was organized into three dedicated work packages (WPs):
- WP1: Psono Console UI
- WP2: Psono Console API
- WP3: Psono Console Admin
The Cure53 team had full access to relevant source code, target URLs, and test credentials. The assessment was delivered by four security professionals over twelve and a half days.
Findings and Fixes
A total of twelve findings were documented:
- 3 identified vulnerabilities
- 9 miscellaneous issues
- Highest severity: Low
All findings were addressed and validated by Cure53.
The report highlights that our security architecture remains robust overall, while also providing concrete hardening recommendations that we have implemented.
Why This Matters
Being transparent about our security practices helps reinforce the trust our users place in Psono. Open source projects benefit greatly from public scrutiny—and we welcome it.
We are proud that this third Cure53 assessment again confirms a strong security posture for Psono. We remain committed to continuous improvement and to publishing independent security reviews.
Download the Full Report
You can read the full Cure53 report here:
