The following table shows the versions currently being supported with security updates:

If you discover a security vulnerability in PyPulse, please report it privately and responsibly. Do not open public issues regarding vulnerabilities.

To report a security issue, please email:

📧 zabbix@ztrunk.space (fictional email – replace with a real one if needed)

Please include:

• A detailed description of the issue.
• Steps to reproduce (if applicable).
• Any relevant logs, stack traces, or screenshots.
• Your contact information for follow-up.

We aim to respond to security issues within 72 hours.

If you are using PyPulse, consider the following to keep your environment secure:

• Do not load untrusted web content in embedded windows.
• Always sanitize URLs and HTML content passed into PyPulse.
• Run PyPulse applications with least privilege – avoid running as root.
• Keep your Python environment and dependencies updated.
• Ensure you are using secure Chromium flags (disable remote debugging, enable site isolation, etc.).

We periodically audit our dependencies using pip-audit or similar tools. If you notice a vulnerable dependency that we missed, please report it.

We support responsible disclosure and will credit reporters in our release notes unless anonymity is requested.

Thank you for helping make PyPulse more secure!