| Version | Supported |
|---|---|
| latest | ✅ |
If you discover a security vulnerability in Armur, please report it responsibly:
- Do not open a public GitHub issue
- Email security@armur.ai with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- You will receive a response within 48 hours
- We will coordinate a fix and disclosure timeline with you
The following are in scope:
- The Armur CLI binary (
armur) - The Armur server (
armur-server) - The Armur Docker images
- The Armur API endpoints
We maintain a Security Hall of Fame for responsible disclosures. Contributors who report valid vulnerabilities will be credited (with their permission) in our release notes.