The following versions are currently supported with security updates:

Please use the latest version for all security-critical applications.

If you discover a security vulnerability, please do not open a public issue. Instead, report it responsibly by emailing:

v3rlq9xye (at) mozmail (dot) com

Alternatively, you may use GitHub Security Advisories for confidential reporting.

• We will acknowledge your report within 3 business days.
• We will investigate and keep you informed of progress.
• Once resolved, we will credit you (if desired) in the release notes.

• We follow a responsible disclosure process.
• Please allow us time to address the issue before public disclosure.
• We will coordinate a public announcement and release a fix as soon as possible.

All security reports and discussions are subject to our Code of Conduct.

Thank you for helping keep Candlestick and its users safe!