Security

SECURITY.md

Security Policy

Supported Versions

Security fixes are applied to the latest code on main.

Reporting a Vulnerability

Please do not open public GitHub issues for security vulnerabilities.

Report privately by email:

evermind@shanda.com
Subject: EverMemOS Security Report

What to Include

Please include:

A clear description of the issue.
Steps to reproduce.
Affected versions or commit hashes.
Potential impact.
Any suggested fix or mitigation (optional).

Response Expectations

Initial acknowledgment target: within 72 hours.
Status updates are shared by email while triage is in progress.

Responsible Disclosure

Please allow time for investigation and remediation before public disclosure.

There aren’t any published security advisories