Colanode takes security seriously. If you discover a vulnerability, please report it privately and avoid public disclosure until we’ve had a chance to investigate.

• Preferred: Use GitHub Security Advisories for this repository to submit a private report.
• If you cannot use GitHub Security Advisories, contact the maintainers via the email listed on the Colanode GitHub organization profile.

Please include:

• A clear description of the issue and its impact.
• Steps to reproduce (including any relevant configuration).
• A proof of concept, if available.
• Affected components (server, web, desktop, mobile) and versions/commits.

We’ll acknowledge receipt and work on a fix. Coordinated disclosure helps protect users—thank you for reporting responsibly.