See Heretek-RE Security Policy for the full policy.

Use GitHub Security Advisories to report vulnerabilities privately. We acknowledge receipt within 7 days and aim to issue a fix or mitigation within 30 days for high-severity issues.