At this stage, security fixes are applied to the latest code on the default branch.
Please do not open public issues for suspected vulnerabilities.
Report security issues privately to:
- Email:
[email protected](replace with real address)
Include the following:
- Vulnerability type and impact
- Steps to reproduce
- Affected files, endpoints, or components
- Proof of concept (if available)
- Suggested fix or mitigation (optional)
- Initial acknowledgment within 72 hours
- Triage and severity classification
- Fix development and validation
- Coordinated disclosure and release notes
- Do not include real user data in reports.
- Use sanitized logs or minimal examples.
- Do not exploit vulnerabilities beyond what is needed for proof.
Thank you for helping keep MindSpace and its users safe.