Probe
OpenAPI Start checking

Security

Security policy and disclosure path.

Report vulnerabilities privately. Do not open a public issue with exploit details.

Supported versions

Kordu Probe is currently pre-1.0.0.

VersionSupported
mainYes
0.x tags older than the latest releaseBest effort only

The hosted service and the repository may move quickly while the project is pre-1.0.0. Security fixes will be prioritized, but compatibility guarantees are still limited during this phase.

Reporting a vulnerability

Preferred reporting path, in order:

  1. Use GitHub private vulnerability reporting for this repository once it is enabled.
  2. If that is unavailable, email iyda@kordu.gg with the subject Kordu Probe security report.
  3. If neither channel is available yet, do not publish exploit details. Ask for a private contact path first.

The service is maintained by KORDU LTD (Company No. 16836154).

When reporting an issue, include:

  • A clear description of the vulnerability
  • Affected paths or endpoints
  • Reproduction steps or a proof of concept
  • Impact assessment
  • Suggested mitigations if you have them

We aim to acknowledge valid reports quickly, investigate privately, and coordinate a fix before public disclosure.