Security updates are provided for the latest released minor line.
| Version | Supported |
|---|---|
| 0.1.x | Yes |
| < 0.1.0 | No |
Please report suspected vulnerabilities privately by email:
Do not open public GitHub issues for security vulnerabilities.
When reporting, include:
- A clear description of the issue and impact
- Steps to reproduce or a proof of concept
- Affected version(s) and environment details
- Any suggested mitigation (if known)
If you find scam campaigns, impersonation, or fake token promotions using Quoroom branding, report privately:
When reporting, include:
- Links to websites, repos, social profiles, or token pages
- Screenshots and timestamps
- Wallet addresses, contract addresses, and chain/network details (if relevant)
Only trust:
https://quoroom.aihttps://github.com/quoroom-ai
Quoroom will never ask for your seed phrase or private key.
Our target response and disclosure expectations:
- Acknowledgement within 3 business days
- Initial triage and impact assessment within 7 business days
- Status updates at least every 14 days while remediation is in progress
- Coordinated public disclosure after a fix is available, or within 90 days of acknowledgement when possible
If active exploitation is detected, we may adjust the timeline to protect users.