AOS is committed to ensuring the security and integrity of our codebase and services. We take vulnerabilities seriously and appreciate your help in responsibly disclosing them.
We follow a rolling support policy and continuously maintain the latest active code.
| Version | Status |
|---|---|
| 2025+ | β Supported |
| Older (<2025) | β Not Supported |
If you believe you've found a security vulnerability or critical issue, please report it confidentially and responsibly.
π§ Email: [email protected]
Please include as much detail as possible:
- Description of the vulnerability
- Steps to reproduce
- Affected components or files
- Suggested fixes or mitigations (if known)
We aim to acknowledge reports within 48 hours and resolve critical issues quickly, with private coordination before any public disclosure.
We prefer responsible disclosure and private discussion to ensure all users are protected before details are published. Once fixed, we may publish advisories and changelogs if necessary.
Please do not:
- Share vulnerabilities publicly before disclosure and patching
- Use exploits on production systems or user accounts
- Perform any testing that violates user privacy or service integrity
Thank you for helping us keep AOS and its users secure.