| Version | Supported |
|---|---|
| 0.4.x | ✅ |
| < 0.4.0 | ❌ |
DO NOT open a public GitHub issue for security vulnerabilities.
- Create a private security advisory via GitHub
- GitHub Security Advisory: https://github.com/maddefientist/Readarr/security/advisories/new
- Acknowledgment: Within 48 hours
- Initial Assessment: Within 1 week
- Critical fixes: 7-14 days
- High severity: 14-30 days
- Enable authentication in production
- Use strong passwords
- Change default API keys
- Rotate keys periodically
- Run behind reverse proxy with HTTPS
- Restrict to trusted networks
- Use firewall rules
- Keep Readarr updated
- Monitor security advisories
- Test updates in staging
- API key authentication
- Form-based authentication
- Input validation
- Parameterized queries
- CORS protection
- Dependency scanning
- Container scanning
Last Updated: 2026-01-09