• Active branches: main (unstable), latest minor release.

Email security@tesseracore.org with:

• Description, impact, PoC
• Affected versions
• Your contact for coordination

We aim to:

• Acknowledge within 72 hours
• Provide a fix & advisory as soon as feasible
• Credit reporters (optional)

Please do not open public issues for security reports.