# Security Policy
We support the latest stable release of `bibsync`. Please ensure
you are using the most recent version before reporting a security issue.
| Latest | Yes |
| < 1.0 | No |
## Reporting a Vulnerability
Report security vulnerabilities using GitHub's private vulnerability reporting
feature from the repository Security tab. Please do not open a public issue for
security reports.
We aim to acknowledge reports within 24 hours, investigate within 3-5 business
days, and publish a fix and advisory when appropriate.