We currently only support the latest version of AuditFlow.

Please do not report security vulnerabilities through public GitHub issues.

If you discover a potential security vulnerability in AuditFlow, please help us fix it by reporting it privately. You can send an email to [YOUR_EMAIL_HERE].

• A description of the vulnerability.
• Steps to reproduce the issue (PoC).
• Potential impact if exploited.

We will acknowledge your report within 48 hours and provide a timeline for a fix if the vulnerability is confirmed. We request that you do not disclose the issue publicly until we have had a chance to address it.

As AuditFlow is a tool designed for compliance, we aim for "Security-by-Design." However, during this Alpha Phase, the tool should be used for testing and development environments rather than as the sole source of truth for production compliance.