Security: herdux/herdux-cli

Security Policy

Supported Versions

Currently, only the latest release of Herdux CLI is actively supported with security updates. We encourage all users to upgrade to the latest stable version.

Version Supported
v0.4.x
< 0.4.0

Reporting a Vulnerability

Security is a top priority for Herdux CLI, especially given its role in interacting with databases, executing binaries, and managing credentials.

If you discover a security vulnerability, we kindly ask that you report it to us privately rather than creating a public issue. Exposing vulnerabilities publicly before a patch is available puts our users at risk.

Please report any vulnerabilities by emailing: [eduardowz.prog@gmail.com / eduardozaniboni.contato@gmail.com]

What to include in your report

  • The type of vulnerability (e.g., Command Injection, Credential Exposure, Path Traversal).
  • Detailed steps to reproduce the vulnerability.
  • Proof of concept (PoC) code or scripts, if available.
  • Information about your environment (OS, Node.js version, exact Herdux version).

What happens next?

  1. We will acknowledge receipt of your vulnerability report within 48 hours.
  2. We will investigate the issue and determine its scope and severity.
  3. If confirmed, we will work on a patch and notify you when it is ready for release.
  4. With your permission, we will credit your disclosure in our release notes or security advisories.

Thank you for helping keep the Herdux community safe!

There aren’t any published security advisories