LizardByte only supports the latest version of our software.

If you think you have found a security vulnerability in our software, please report it to us using the "Security" tab on the GitHub repository.

After you have submitted the vulnerability, we will review the report internally and respond to you with any questions or next steps.

If the report is accepted, we will request a CVE and create a private fork of the repository to work on the issue. Once the pull request is merged, we will publish the security advisory on the GitHub repository.

We ask that you do not discuss or disclose the vulnerability outside the advisory on GitHub until the advisory is published. This helps to protect users until a fix is available.