Only actively supported versions will receive security patches.

If you discover a security vulnerability in the project, please report it responsibly.

Send a detailed report to [email protected]. Include the following:

• A description of the issue
• Steps to reproduce (POC if available)
• Affected version(s) or commit hashes
• Any potential impact or severity assessment (if known)

• You will receive a confirmation of receipt as soon as possible.
• We aim to provide an initial assessment and timeline as soon as possible.
• If confirmed, we will coordinate a fix and security release as soon as possible.
• If the report is invalid or not considered a security issue, we will explain why.

Please do not disclose the vulnerability publicly until we have issued a patch and disclosed it through an official advisory.

Thank you for helping make Manticore more secure!