Skip to content

Security: ArkTechNWA/vauth

Security

SECURITY.md

Security Policy

Supported Versions

Version Supported
0.1.x

Reporting a Vulnerability

If you discover a security vulnerability in vauth, please report it responsibly.

Do NOT open a public GitHub issue for security vulnerabilities.

Instead, email: security@arktechnwa.com

You should receive a response within 72 hours. We will work with you to understand the issue, confirm it, and develop a fix before any public disclosure.

Scope

vauth is a software authenticator. Its threat model is documented in THREAT_MODEL.md. Please review it before reporting — known limitations (e.g., "root can bypass UV") are documented and are inherent to the architecture, not bugs.

There aren't any published security advisories