Security patches are provided only for the latest stable release:
| Version | Security Support |
|---|---|
| 1.0.x | β Supported |
| 0.x | β Unsupported |
If you discover a vulnerability or believe you have found a security issue,
- please report it privately and confidentially.
Contact:
π§ Security Contact
To support an efficient investigation, please include when possible:
- Description of the vulnerability
- Steps to reproduce the issue
- Screenshots or log snippets
- Severity and potential impact
- Your contact for follow-up communication
You will receive a confirmation within 48 hours.
All vulnerability reports are carefully evaluated:
| Severity | Example Impact |
|---|---|
| π΄ Critical | Remote code execution, data breach, bypass of security controls |
| π High | Tampering or unauthorized access to user data |
| π‘ Medium | Feature degradation or limited access risks |
| π’ Low | Minor UI or non-security defects |
Once verified, the process includes:
- Patch development
- Testing & validation
- Release update
- Coordinated disclosure
We kindly ask security researchers to avoid public disclosure
- until a patch has been published and users are protected.
Your responsible behavior is highly appreciated and helps us improve the safety of all users.
To mitigate risks, we recommend:
- Always use the latest version
- Install VLC from official and trusted sources
- Avoid untrusted media files
- Keep graphics drivers and OS fully updated
Β© Thorsten Bylicki β Β© BYLICKILABS.
All rights reserved.
π‘ Security is mission-critical.
- Thank you for supporting the protection and integrity of the AURORA Media Engine.