| Version | Supported |
|---|---|
| 2.5.x | ✅ Currently supported |
| < 2.0 | ❌ No longer supported |
If you discover a security vulnerability in Antigravity IP Scanner, please report it responsibly.
- Do NOT open a public GitHub issue for security vulnerabilities
- Send an email to taherakbarisaeed@gmail.com with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Or contact via Telegram: @tayden2023
- Acknowledgment within 48 hours
- Assessment within 1 week
- Fix released as soon as possible for verified vulnerabilities
The following are in scope:
- Backend API vulnerabilities (FastAPI server)
- Frontend XSS or injection risks
- Data leakage or privacy concerns
- Authentication/authorization bypass
- Supply chain vulnerabilities
- Vulnerabilities in third-party Xray-core binary (report upstream)
- Issues requiring physical access to the machine
- Social engineering attacks
- Enable TLS Verification — Always enable "Strict TLS" in advanced settings to prevent MITM attacks
- Keep Updated — Use the latest version for security patches
- Verify Downloads — Only download from the official GitHub repository
- Config Privacy — Your VLESS configs are processed locally and never uploaded
We thank all security researchers who help keep this project safe. Contributors will be acknowledged in release notes (with permission).