We only provide security updates for the following versions:
- Version 2025.04 (Current Stable)
We take security vulnerabilities seriously and appreciate your efforts to responsibly disclose them. To report a vulnerability, please follow these steps:
- Do not open a public GitHub issue. This could expose the vulnerability to malicious actors before a fix is available.
- Email us directly at
[email protected]. - Provide detailed information:
- A clear description of the vulnerability.
- Steps to reproduce the vulnerability.
- The affected versions of the project.
- Any potential impact or exploit scenarios.
- Your contact information for follow-up.
Upon receiving a security bug report, we will:
- Acknowledge receipt within 24-72 hours.
- Confirm the problem and determine affected versions.
- Work on a fix for all supported releases.
- Coordinate a release with the fix.
- Publicly acknowledge your contribution (with your permission) after the fix is released.
We kindly request that you:
- Do not publicly disclose the vulnerability until we have released a fix.
- Allow us a reasonable amount of time to address the issue before public disclosure.
- Do not engage in any actions that could harm our users or systems during your research.
Thank you for helping to keep our project secure.