The following versions of TinyBigUI are currently receiving security updates:
| Version | Supported |
|---|---|
| 0.1.x | ✅ |
Older pre-release versions (0.0.x) are not supported. Please upgrade to the latest version.
Please do NOT report security vulnerabilities via GitHub Issues. Public issue reports expose the vulnerability before a fix is available.
Instead, report vulnerabilities by emailing security@tinybigui.dev.
Your report should include:
- A description of the vulnerability and its potential impact
- Steps to reproduce the issue (proof of concept if possible)
- Any relevant versions, environment details, or configuration
- Within 48 hours: You will receive an acknowledgement confirming we have received your report.
- Within 7 days: We will provide an initial assessment and an estimated timeline for a fix.
- After a fix is released: We will publicly disclose the vulnerability in the release notes, crediting you (unless you prefer to remain anonymous).
We follow responsible disclosure: we ask that you do not publicly disclose the vulnerability until we have released a fix and notified you.
Thank you for helping keep TinyBigUI and its users safe.