Only the latest major version of any active Orbit project is supported with security updates.
We take security seriously. If you discover a vulnerability:
- Do not open a public issue.
- Send a private message to the repository owner or use GitHub's private vulnerability reporting feature.
- Include detailed, step-by-step instructions to reproduce the exploit.
We will acknowledge your report within 48 hours and work with you to patch and disclose the issue responsibly.