We take the security of Mono Studio and its extension ecosystem very seriously. We appreciate your efforts to responsibly disclose your findings, and we will make every effort to acknowledge your contributions.

Currently, we are actively maintaining and providing security updates for the following versions:

(Note: Older beta or alpha releases do not receive security patches. Please upgrade to the latest stable release.)

If you discover a security vulnerability within Mono Studio, please DO NOT create a public issue on GitHub. Publicly disclosing a vulnerability can put other users at risk before a patch is released.

Instead, please report it privately by sending an email to our core team:

📧 Email: monostudio.code@gmail.com

To help us resolve the issue quickly, please include the following details in your email:

• A detailed description of the vulnerability and its potential impact.
• Step-by-step instructions to reproduce the issue.
• Any proof-of-concept (PoC) code or screenshots.
• Possible mitigation or fix suggestions (if you have any).

1. Acknowledgement: We will reply to your email within 48 hours to acknowledge that we have received your report.
2. Investigation: Our team will investigate the issue and determine its severity.
3. Resolution: We will work on a patch and keep you updated on the progress.
4. Release: Once the patch is ready, we will release an update and credit you for the discovery (if you agree).

Thank you for helping keep Mono Studio safe for everyone!