If you discover a security vulnerability in Vectorless, please report it by emailing:
Do NOT create a public GitHub issue for security vulnerabilities.
Please include the following in your report:
- Description of the vulnerability
- Steps to reproduce
- Affected versions (if known)
- Potential impact
| Stage | Timeframe |
|---|---|
| Initial response | Within 48 hours |
| Vulnerability confirmation | Within 7 days |
| Fix development | Depends on severity |
| Security advisory | After fix is released |
- Vulnerabilities will be disclosed after a fix is available
- We will credit reporters (unless you prefer to remain anonymous)
- We request a reasonable time to fix before public disclosure
| Version | Supported |
|---|---|
| 0.1.x | ✅ |
| < 0.1 | ❌ |
Thank you for helping keep Vectorless secure!