If you discover a security vulnerability in any NexVigilant project, please report it privately.

Email: matthew@nexvigilant.com

Do NOT open a public issue for security vulnerabilities.

• Acknowledgment: Within 48 hours
• Initial assessment: Within 5 business days
• Fix timeline: Depends on severity, communicated in assessment

This policy covers all repositories in the nexvigilant GitHub organization.

Only the latest release of each project receives security updates.