We support only the latest stable and release candidate (RC) versions. Older versions may not receive security updates. Please use the most recent release for the best security.

If you discover a security vulnerability, please report it by opening a GitHub issue or contacting the maintainers directly. Do not disclose security issues publicly until they have been reviewed and addressed.

• Always use the latest working release or RC version.
• Keep dependencies and tools up to date.
• Never commit secrets, credentials, or sensitive data to the repository.
• Use environment variables for all sensitive configuration.
• Review and audit third-party packages before use.
• Follow the principle of least privilege for all access and permissions.

We appreciate responsible disclosure. Please allow us a reasonable time to investigate and address the issue before any public disclosure.

For urgent security issues, contact the maintainers via email (see repository profile) or through GitHub issues.

Thank you for helping keep CampusVault and its users secure!