Security updates are provided for the following versions:

Security fixes are generally applied to the main development branch. Other versions are not guaranteed to receive security updates.

We take security issues seriously and appreciate responsible disclosure.

If you believe you have found a security vulnerability in triton-riscv, please report it via email:

• Email: hongbin2019@iscas.ac.cn

Please include as much detail as possible, such as a description of the issue, steps to reproduce, affected versions, and potential impact.

After receiving a vulnerability report, we will acknowledge the report and work to address the issue as soon as possible.

This security policy applies to the triton-riscv codebase and official releases. Security issues in third-party dependencies should be reported to the respective upstream projects when appropriate.

We appreciate the efforts of security researchers and community members who help keep triton-riscv secure. Responsible disclosure helps protect all users of the project.