The latest commit on main is actively supported.

Please do not open public GitHub issues for security vulnerabilities.

Use one of the following private channels:

• Email: security@feberdin.de
• GitHub Security Advisory: Security tab in this repository

Please include:

• A clear description of the vulnerability
• Steps to reproduce
• Potential impact
• Suggested mitigation (if known)

• Initial response target: within 72 hours
• Triage and severity assessment after acknowledgement
• Fix prepared and validated
• Coordinated disclosure after fix is available

This policy covers:

• Source code in this repository
• Installation and runtime behavior of the Home Assistant integration

Out of scope:

• Vulnerabilities in Home Assistant Core itself
• Vulnerabilities in third-party dependencies outside this repository