# Security Policy ## Supported Versions Only the latest release is supported with security fixes. ## Reporting a Vulnerability Please report vulnerabilities privately and do not open public issues for undisclosed security problems. Include: - affected version/commit - vulnerability description - impact assessment - reproduction steps or proof of concept If you do not have a private contact path yet, open a minimal GitHub issue asking for a secure reporting channel without disclosing technical details. ## Disclosure Process - We will acknowledge reports as quickly as possible. - We will validate, triage severity, and prepare a fix. - We will coordinate a release and publish advisories when appropriate.