PrimisAI Nexus is committed to responsible vulnerability handling.

We support and patch the latest release. Older versions will not be maintained.

Please report suspected security vulnerabilities privately:

• GitHub Security Advisory:
  https://github.com/PrimisAI/nexus/security/advisories/new

What to include:

• Nexus version
• Affected component (e.g. Supervisor, YAML loader)
• Environment (OS, Python version, install method)
• Minimal reproduction steps or script
• Impact assessment (e.g. code execution, data exposure)

• Fixes for critical vulnerabilities will be released as soon as possible in the next patch.

We'll work with you to agree on a public disclosure timeline and request a CVE for high‑severity issues. Fixed vulnerabilities will be documented in the Release notes.