If you discover a security vulnerability in KiloCenter, please report it responsibly. Do not open a public GitHub issue.
Email security@kiloiot.io with:
- Description of the vulnerability
- Steps to reproduce
- Affected versions
- Potential impact assessment
- Any suggested remediation (optional)
- Acknowledgment: Within 48 hours of receiving your report
- Triage: Within 7 business days
- Fix: Dependent on severity — critical issues are prioritized for the next patch release
Security updates are provided for the latest release on the main branch. Older versions do not receive backported security fixes.
| Version | Supported |
|---|---|
| Latest | Yes |
| Older | No |
Security reporters will be credited in the release notes for the fix, unless they request anonymity.
This policy covers the KiloCenter Community Edition codebase at github.com/Kiloiot/kilo-service-center. For security concerns related to the enterprise edition or Kilo Cloud, contact security@kiloiot.io directly.