As TeamFlow is currently in active development, only the latest version on the main branch receives security updates.
If you discover a security vulnerability in TeamFlow, please do not open a public GitHub issue, as this could put other users at risk.
Instead, please report it privately by emailing:
Please include the following in your report:
- A clear description of the vulnerability
- Steps to reproduce the issue
- Potential impact or attack scenario
- Any suggested fix (optional but appreciated)
You can expect an initial response within 48 hours and a resolution update within 7 days. If the vulnerability is confirmed, we will work on a fix and credit you in the release notes (unless you prefer to remain anonymous).
We appreciate responsible disclosure and thank you for helping keep TeamFlow secure.