diff --git a/security/policy.rst b/security/policy.rst index e79845121..3c7576337 100644 --- a/security/policy.rst +++ b/security/policy.rst @@ -44,7 +44,10 @@ dead-locks, and resource exhaustion) must be triggerable with data inputs that are reasonably sized for the use case. Availability vulnerabilities must also demonstrate an "upward" change in posture for the attacker, rather than a "lateral" one. -This is to avoid handling performance improvements as security vulnerabilities. +Unexpected Python exceptions are not vulnerabilities by themselves unless they +satisfy the availability criteria above. +This is to avoid handling performance and correctness improvements as security +vulnerabilities. Vulnerabilities in dependencies of Python (such as zlib, Tcl/Tk, or OpenSSL) are not vulnerabilities in Python unless Python's use of the dependency
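Review bot: the antecedent of "This" in the retained sentence "+This is to avoid handling performance and correctness improvements as security vulnerabilities." becomes ambiguous once the new exception sentence is inserted directly before it: a reader can take "This" to refer only to the rule about unexpected exceptions, while the intent (reasonably sized inputs, "upward" rather than "lateral" change in posture, and exceptions treated as non-vulnerabilities) is that the whole set of availability criteria exists to keep performance and correctness fixes out of the vulnerability process. Suggest rewording to something like "These criteria exist to avoid handling performance and correctness improvements as security vulnerabilities." so the scope is explicit. Separately, "unless they satisfy the availability criteria above" points at criteria in the same paragraph; consider "the availability criteria in this section" or naming them (attacker-triggerable with reasonably sized input and an upward change in posture) inline, since "above" does not survive well if the paragraph is later split or reordered.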