Skip to content

Security: andreicscs/HoneyWire

SECURITY.md

Security Policy

For security and trust boundaries insights, see the THREATMODEL.md.

Reporting a Vulnerability

Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests. To ensure the safety of the community and prevent premature disclosure of exploits, we utilize GitHub Private Vulnerability Reporting.

How to report:

  1. Go to the Security tab of this repository.
  2. Click Report a vulnerability under the Advisories section.
  3. Provide a clear description of the vulnerability, including:
    • The affected component (Hub, specific Sensor, or SDK).
    • Steps to reproduce the exploit.
    • The potential impact (e.g., DoS, Remote Code Execution, Authentication Bypass).
    • Any potential mitigation or fix you might suggest.

Optionally you can send an email at info@honeywire.dev.

As a solo maintainer, I will do my best to acknowledge receipt of your vulnerability report and will work with you to patch the issue before a public CVE or advisory is published.

Thank you for helping keep HoneyWire secure!

There aren't any published security advisories