diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..69ad96e --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,53 @@ +# Security Policy + +## Supported Versions + +Security updates are provided only for the latest version of this project. + +| Version | Supported | +|---------------|-----------| +| main / latest | ✅ | +| older versions| ❌ | + +--- + +## Reporting a Vulnerability + +If you discover a security vulnerability, please **do not open a public GitHub issue**. + +### How to Report +Report security issues by contacting the project maintainers privately. + +- Email: **security@projectname.org** + *(Replace with the actual maintainer or project email if available)* + +If no security email is available, please use **GitHub Discussions** and prefix +your message with **[SECURITY]**. + +### What to Include +Please include as much of the following information as possible: +- Description of the vulnerability +- Steps to reproduce the issue +- Affected version(s) +- Potential impact + +### Response Timeline +- Initial acknowledgment: within **72 hours** +- Status update: within **7 days** + +If the vulnerability is confirmed, we will work on a fix and coordinate a +responsible disclosure. If it is declined, we will provide a clear explanation. + +--- + +## Responsible Disclosure + +We kindly request that reporters allow reasonable time for investigation and +remediation before publicly disclosing security issues. + +--- + +## Severity Assessment + +Reported vulnerabilities are assessed based on their impact and severity. +High-risk issues will be prioritized accordingly.
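Review bot: In the "How to Report" section, the contact address is still the template placeholder `security@projectname.org`, and the line "(Replace with the actual maintainer or project email if available)" is committed as part of the policy, so a reporter following this file has no working private channel. Replace it with a monitored address before merging and drop the parenthetical. The fallback in the same section also needs changing: sending reporters to GitHub Discussions with a **[SECURITY]** prefix puts the report in a public place, which contradicts the "do not open a public GitHub issue" instruction a few lines above it. Pointing the fallback at GitHub's private vulnerability reporting for the repository would keep the report confidential. Minor: the "Supported Versions" table lists "main / latest" while the sentence above it says only the latest version is supported. Say whether that means the latest release or the tip of main.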