The following versions of the project are currently supported with security updates:

If you find a security vulnerability, please do NOT open a public issue. As this project deals with cryptographic primitives and privacy-preserving machine learning, we take security reports very seriously.

Please report vulnerabilities by:

1. Sending an email to [INSERT CONTACT EMAIL].
2. Including a detailed description of the vulnerability.
3. Providing steps to reproduce or a proof-of-concept (PoC).

We will acknowledge your report within 48 hours and provide a timeline for a fix. We ask that you follow Responsible Disclosure guidelines and give us time to address the issue before making any public announcement.

This policy covers the core cryptographic modules, data handling pipelines, and the federated learning orchestration logic.