Security fixes will be applied to the active development line and to any released versions that are still explicitly maintained.

If you believe you have found a security issue in VaultX, please report it responsibly and do not open a public issue.

Include as much detail as possible:

• A concise summary of the issue.
• The affected contract module, UI screen, or workflow.
• Reproduction steps or proof of concept.
• The expected impact and severity.

Please send reports through GitHub's private security reporting flow if available. If that is unavailable, contact the repository owner directly and mark the message as security-sensitive.

We will acknowledge the report, investigate the impact, and coordinate a fix before public disclosure when possible.