I currently maintain security updates for:
| Version | Supported |
|---|---|
| 1.x.x | ✅ |
| < 1.0 | ❌ |
There has been an extreme uptick in AI generated security advisories being submitted for Flare that are either not real security issues or just flat out wrong. I am someone who is optimistic about AI and use it in my daily workflows, but please do not use it to larp as a security researcher and waste my free, unpaid time validating your advisory. It will not be met with kindly.
Please ensure that all advisories are opened with a full manual validation of the issue and a demonstrated full understanding by you, the reporter. Please do not waste my time.
Found a security issue in Flare? Thanks for looking out! You can report it in two ways:
-
Click Report a vulnerability in the top right corner.
-
Email
- If you prefer email: me@fl1nt.dev
- Please include "SECURITY" in the subject
When reporting, it helps if you can provide:
- What the issue is
- How to reproduce it
- What could happen if exploited
Once you report something:
- I'll confirm I received it when I can
- I'll investigate and let you know what I find
- Once fixed, I'll release a patch and credit you (if you want)