At FlowSynx, security is a top priority. We are committed to safeguarding our users, their data, and the systems that rely on our software. Rigorous security practices are integrated throughout our software development and release lifecycle to ensure the highest level of protection.
If you identify a potential security issue or vulnerability in FlowSynx, please report it privately to our security team:
Important: Please do not create a public issue or pull request, as this may expose the vulnerability before it is resolved.
We handle every report with urgency and transparency:
-
Acknowledgment
We will confirm receipt of your report within 3 business days. -
Investigation
Our security team will thoroughly investigate the issue and develop a fix or mitigation. -
Resolution Timeline
Confirmed vulnerabilities are typically resolved and released in a patch within 30 days of reporting. -
Coordinated Disclosure
Once a fix is ready, we will coordinate public disclosure with the reporter and include a detailed changelog in the relevant release notes.
The table below outlines supported FlowSynx versions and their security update status:
| Version | Supported | Support Window |
|---|---|---|
| v1.2.0 | ✅ Yes | Until next minor release (v1.3.x) |
| v1.1.4 | 1 month after next minor release | |
| v1.1.3 | ❌ No | End-of-life |
We sincerely appreciate your responsible disclosure and your efforts in helping keep FlowSynx safe for everyone.