Security: backendsystems/nibble

SECURITY.md

Security Policy

Supported Versions

Nibble is an actively maintained CLI network scanning tool. We only provide security updates for the latest major release.

We strongly encourage all users to stay up-to-date. You can upgrade to the latest secure version using your preferred package manager:

  • macOS (Homebrew): brew upgrade nibble
  • Linux (APT): sudo apt upgrade nibble
  • Windows (Winget): winget upgrade nibble

Reporting a Vulnerability

We take the security of nibble and our users' networks very seriously. If you discover a security vulnerability within nibble, please report it to us privately.

Please do not disclose the vulnerability in public issues or discussions until it has been addressed.

How to Report

GitHub Private Vulnerability Reporting (Preferred)

The fastest and most secure way to report an issue is through GitHub's private reporting feature:

  1. Navigate to the Security tab.
  2. Click Report a vulnerability.
  3. Provide a clear description of the vulnerability, including steps to reproduce it and its potential impact.

Alternative Method

If you cannot use the GitHub Security tab, please open a general GitHub Issue stating that you have a security concern and requesting a secure communication channel. Do not include sensitive vulnerability details in the issue itself.

What to Expect

  • Acknowledgment: We aim to review and acknowledge receipt of your vulnerability report.
  • Triage & Investigation: We will investigate the issue and determine its impact on the tool. We may reach out to you securely for further details, logs, or clarification.
  • Resolution: If the vulnerability is confirmed, we will develop a patch and issue a new release across our supported package managers as quickly as possible.
  • Disclosure & Credit: Once the patch is released and users have had a reasonable window to update
