Security

Report a vulnerability

SECURITY.md

Security Policy

Supported Versions

Version	Supported
1.x	Yes
< 1.0	No

Reporting a Vulnerability

Do not open public GitHub issues for security vulnerabilities.

Report vulnerabilities privately to: contact@peerhub.dev

Include:

A clear description of the issue
Reproduction steps or proof of concept
Affected components and impact
Any suggested remediation

Response Targets

Initial acknowledgement: within 7 business days
Triage decision: within 30 business days
Fix timeline: depends on severity and complexity

Disclosure Policy

We will coordinate disclosure with the reporter.
We ask reporters not to publicly disclose until a fix is available.
After remediation, we may publish an advisory describing impact and resolution.

There aren’t any published security advisories