Security Policy

Last updated: March 5, 2026

This page describes how security vulnerabilities should be reported for OrbitBits projects and services.

Reporting Security Vulnerabilities

If you discover a security vulnerability in an OrbitBits project or service, please report it responsibly.

Do not disclose the vulnerability publicly until it has been reviewed and addressed.

Security reports can be sent to:

[email protected]

Responsible Disclosure

When reporting a vulnerability, please include:

  • A description of the issue
  • Steps to reproduce the vulnerability
  • Potential impact
  • Suggested fixes (if available)

We will review all legitimate security reports and work to resolve issues as quickly as possible.

Scope

This policy applies to:

  • Official OrbitBits repositories
  • OrbitBits website
  • OrbitBits services

Third-party dependencies should be reported to their respective maintainers.