llm-ports is currently pre-release. Security updates are provided for the
latest published minor version on the 0.x line.
Please report suspected vulnerabilities privately via GitHub's Private Vulnerability Reporting.
This goes directly to maintainers and is not visible publicly until a fix is released. If you can't use the GitHub form, open a discussion at https://github.com/baabakk/llm-ports/discussions and ask for a private contact channel without disclosing the vulnerability details there.
When reporting, include:
- A clear description of the issue and impact
- Steps to reproduce
- Any proof-of-concept code or logs (if available)
- A suggested fix or mitigation (optional)
Please do not open public issues for security vulnerabilities.
Maintainers will:
- Acknowledge receipt within 3 business days
- Confirm impact and triage severity
- Work on a fix and coordinate disclosure timing
- Publish a patch release and a public advisory once a fix is available
We follow responsible disclosure. Vulnerability details remain private until a fix is released or a mitigation is communicated.