Please do not open public issues for security vulnerabilities.

Please use GitHub Security Advisories as the preferred reporting channel for this repository (private disclosure).

If GitHub Security Advisories are not available, contact us using the details listed on https://octivi.com/contact and request a private channel for disclosure.

When reporting, please include as much context as possible:

• Steps to reproduce and/or a proof of concept (if feasible)
• Impact and attack vector
• Affected version(s) and environment
• Logs, screenshots, or other supporting materials (avoid sharing sensitive data)

• Acknowledge within 7 days.
• Provide a remediation plan or fix within 30 days for supported versions, when feasible.

Security fixes are released on the supported major version. Users should upgrade to the latest release.