Security Policy
April 14, 2026 ยท View on GitHub
Supported Versions
Security issues should be reported for the latest maintained branch and current production-ready code.
Reporting a Vulnerability
Please do not open public GitHub issues for security vulnerabilities.
Report vulnerabilities privately:
- Telegram: @ilyarolf_dev
When possible, include:
- affected area or feature
- steps to reproduce
- impact assessment
- logs, screenshots, or payload examples if safe to share
Sensitive Areas
Please report issues responsibly if they affect:
- payment callbacks
- invoice creation
- wallet withdrawals
- admin authorization
- webhook validation
- referral abuse
- multibot token handling
We will review reports as quickly as possible and coordinate remediation privately where needed.