We release patches for security vulnerabilities.

Please report security vulnerabilities through GitHub Security Advisories:

Report a vulnerability

This allows for private discussion and tracking of the issue.

• Acknowledgment: Within 48 hours
• Update: Within 7 days with an assessment and remediation plan
• Credit: You will be credited for the discovery (unless you prefer to remain anonymous)

• Please do not disclose the vulnerability publicly until a fix is released
• Provide as much detail as possible: steps to reproduce, affected versions, potential impact

Thank you for helping keep Brf.it secure!