Security Policy
May 19, 2026 ยท View on GitHub
The Nerves project takes security seriously. Thank you for helping keep Nerves and its users safe.
Reporting a Vulnerability
Please do not report security vulnerabilities through public GitHub issues, pull requests, or discussions.
Instead, report them privately using either of the following:
- Email security@nerves-project.org
- Use GitHub's "Report a vulnerability" button under the Security tab of the affected repository
Please include as much of the following as you can:
- The repository and version affected
- A description of the issue and its impact
- Steps to reproduce, or a proof-of-concept
- Any suggested mitigations
We will acknowledge your report, work with you on a fix, and coordinate disclosure once a release is available.