If you discover a security vulnerability in vit-storage, please do not open a public issue.
Instead, report it privately by emailing security@vitnetwork.io (or via a private security advisory on this repository's "Security" tab) with:
- A description of the vulnerability and its impact
- Steps to reproduce
- Any relevant logs, PoC code, or screenshots
We aim to acknowledge reports within 48 hours and provide a resolution timeline within 5 business days.
Only the latest release on the main branch is actively supported with security fixes.
We follow coordinated disclosure. Please give us a reasonable window to release a fix before any public disclosure.