Skip to content

Security: cogitave/editor

SECURITY.md

Security Policy

Reporting a vulnerability

Do not open a public issue for security problems.

Use GitHub private vulnerability reporting (Security → Report a vulnerability) on the affected repo, or email security@cogitave.com.

Please include: affected component/version, impact, and reproduction steps.

Process

  • Acknowledgement within 2 business days.
  • Triage + severity (CVSS) and remediation plan; coordinated disclosure.
  • We credit reporters unless anonymity is requested.

Supported

Security fixes target the latest released minor of each product. See each repo's SECURITY.md for product-specific scope.

There aren't any published security advisories