Only the latest release of NeuralInverse CE is actively supported with security fixes.
| Version | Supported |
|---|---|
| Latest | Yes |
| Older | No |
Please do not report security vulnerabilities via GitHub Issues.
If you discover a security vulnerability, email us directly at:
Include as much detail as possible:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fix (optional)
We will acknowledge your report within 48 hours and aim to release a fix within 14 days depending on severity.
We appreciate responsible disclosure and will credit you in the release notes unless you prefer to remain anonymous.
This policy covers the NeuralInverse CE codebase. For vulnerabilities in upstream VS Code, please report to the Microsoft Security Response Center.
Note: NeuralInverse CE is a BYOLLM (Bring Your Own LLM) tool -- your API keys and code never leave your machine. No data is sent to NeuralInverse servers in the community edition.