Since the beginning of 2023 we are releasing versions of EVerest in a monthly cadence, with additional stable releases every 3 months. The specifics of this release process are outlined in RELEASE.md.

If you found a vulnerability, we are super keen and grateful to get the details. Please use this private mailing list to let us know: [email protected]

Please DON'T use the publicly visible issue reporting functionality from GitHub! Alternatively you can use the "Report a vulnerability" feature on Github which should be enabled in all repositories. For example for everest-core you can find this here: https://github.com/EVerest/everest-core/security

We try to monitor this list and respond every working day, but in in initial respond time should not go beyond 7 days. Please provide us with your estimation of the severity of your finding. Every other information on how to exploit it as well as everything else you could provide is helpful, please also orient yourself on our questionary for non security related issue reporting: https://github.com/EVerest/everest/issues/new?assignees=&labels=&template=bug_report.md&title=