If you believe you have found a security issue affecting a public NeuroCAD repository, do not open a public issue.
Please report it privately to:
office@neurocad.eu
Include the following when possible:
- affected repository
- affected file, endpoint, or workflow
- reproduction steps
- expected impact
- any proof-of-concept material required to validate the report
This policy applies to the public repositories under the NeuroCAD GitHub organization.
It does not grant permission to attack production systems, private infrastructure, or third-party services.
We will review reports in good faith and aim to:
- acknowledge receipt
- validate the issue
- classify severity
- coordinate remediation when required
Please allow reasonable time for validation and remediation before any public disclosure.