Only the latest main branch is supported with security updates.

• Email: security@vscanx.local (replace with your org address)
• Please include: affected version/commit, reproduction steps, impact, and suggested fixes if known.
• We aim to acknowledge within 2 business days and provide a fix or mitigation ETA.

• Only test systems you own or have explicit written permission to test.
• Do not test third-party services without authorization.
• Respect applicable laws and rules of engagement at all times.

• Do not share scan outputs publicly; they may contain sensitive target details.
• We will not request authentication tokens or credentials; redact them from any shared logs.