security policy update

.github/SECURITY.md

@@ -1,5 +1,34 @@
 # Security Policy
 
+## Supported Versions
+
+Ensure your vulnerability is on the latest version, as I will only respond to ones on the latest version, you can find what version you are on the footer on the home page.
+
 ## Reporting a Vulnerability
 
-Please either email me at dominikwajda@hotmail.com for high severity and just open an issue for low severity.
+We encourage responsible disclosure of vulnerabilities. To report a vulnerability, please follow these guidelines:  
+
+### High-Severity Vulnerabilities
+
+- Email me directly at **[dominikwajda@hotmail.com](mailto:dominikwajda@hotmail.com)** with the subject line: `Security Vulnerability Report - Liberatube`.  
+- Include a detailed description of the issue, steps to reproduce, and any potential impact.  
+- If possible, include proof-of-concept (PoC) code.  
+- **Do not publicly disclose the vulnerability** until we’ve had an opportunity to assess and address the issue.  
+- We strive to respond to high-severity reports within **48 hours** and provide updates on the resolution process.  
+
+### Low-Severity Vulnerabilities
+
+- Open an issue on the [GitHub Issues section](https://github.com/golddominik893/liberatube/issues).  
+- Clearly label the issue with `[Low-Severity]` and provide relevant details to help us investigate.  
+
+## Scope of Vulnerability Reporting
+
+I am particularly interested in vulnerabilities related to:  
+
+- Authentication and authorization mechanisms.  
+- Code injection (e.g., SQL injection, XSS, etc.).  
+- Security misconfigurations.  
+- Sensitive data exposure.  
+- Dependencies with known vulnerabilities.  
+
+Issues outside this scope may be addressed at our discretion.