If you believe you have found a security vulnerability in ORBIT, please do not open a public issue with exploit details.
Instead:
- use the repository hosting platform's private vulnerability reporting feature if it is available
- otherwise contact the maintainers through a private channel associated with the repository owner
Please include:
- a clear description of the issue
- affected versions or commits if known
- reproduction steps or a proof of concept when safe to share
- any suggested mitigations or patches
Maintainers will aim to:
- acknowledge the report promptly
- evaluate severity and impact
- work toward a fix or mitigation
- coordinate disclosure timing when appropriate
This policy applies to vulnerabilities in the code and official project assets in this repository.
It does not guarantee support for:
- third-party services outside this repository
- vulnerabilities caused entirely by local misconfiguration
- issues in unrelated adjacent repositories unless this repository is directly responsible for the integration behavior