If you discover a security vulnerability in Mymir, please report it responsibly.
Do not open a public issue.
Instead, use GitHub's private vulnerability reporting to submit your report. This ensures the issue can be addressed before public disclosure.
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
You can expect an initial response within 72 hours. We will work with you to understand and resolve the issue before any public disclosure.
This policy applies to the latest version of Mymir on the main branch.