Add SECURITY.md with security policy

SECURITY.md

@@ -0,0 +1,30 @@
+# Security Policy
+
+## Supported Versions
+
+The following table lists which versions of the project are currently supported with security updates:
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 5.1.x   | ✅                 |
+| 5.0.x   | ❌                 |
+| 4.0.x   | ✅                 |
+| < 4.0   | ❌                 |
+
+## Reporting a Vulnerability
+
+We take security issues seriously and appreciate your help in keeping this project safe for everyone.
+
+- **Where to report:** Please open a security advisory via GitHub’s [Security tab](https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/creating-a-security-advisory) or email the maintainers directly if listed in the repository.
+- **Response time:** You can expect an initial response within 72 hours. We will provide regular updates until the issue is resolved.
+- **What to include:** 
+  - A clear description of the vulnerability
+  - Steps to reproduce (if applicable)
+  - Potential impact
+  - Suggested fixes or mitigations (optional)
+- **Process:** 
+  - If the vulnerability is accepted, we will work on a fix and release a patched version.
+  - If declined, we will explain why and may suggest alternative mitigations.
+- **Confidentiality:** Please do not disclose the vulnerability publicly until a fix has been released and coordinated with the maintainers.
+
+Thank you for helping us improve the security of this project!