Security vulnerability reports will be accepted and acted upon only for the supported versions of PypeIt, listed in the table below.

If you have found a security vulnerability, please report it as soon as possible either by email or via a direct message to a PypeIt developer using one of our Slack spaces.

Do not report the issue on GitHub for confidentiality reasons.

Vulnerabilities will be accepted and acted on based on an assessment of their severity and risk to our users. We will always respond to vulnerability reports and explain our assessment and related action.