From 5b40ad3de39e17f4a7346cb7b9bef4c8f426b64d Mon Sep 17 00:00:00 2001 From: TouwfiQ Meghlaoui <51855906+tooinfinity@users.noreply.github.com> Date: Thu, 28 May 2026 02:51:38 +0100 Subject: [PATCH] Revise security policy for vulnerability reporting Updated the security policy to emphasize private reporting of vulnerabilities and removed the supported versions table. --- SECURITY.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..e7943a3 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,13 @@ +# Security Policy + +**PLEASE DON'T DISCLOSE SECURITY-RELATED ISSUES PUBLICLY, [SEE BELOW](#reporting-a-vulnerability).** + +## Reporting a Vulnerability + +If you discover a security vulnerability, please report it privately using one of the following channels: + +1. **GitHub Private Vulnerability Reporting** (preferred) — go to the repository's **Security** tab and click **"Report a vulnerability"**. This creates a private advisory visible only to maintainers and provides a structured workflow for triage, fix coordination, and CVE assignment. + +2. **Email** — send the details to [TouwfiQ Meghlaoui] at **touwfiqdev@gmail.com**. + +All security vulnerabilities will be promptly addressed.
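
Review bot: The closing line "All security vulnerabilities will be promptly addressed." gives a reporter nothing concrete to rely on. Suggest replacing it with an acknowledgement window and a short list of what a report should contain (affected version, reproduction steps, impact), and stating which versions receive fixes, since the file carries no supported-versions information. In item 2, "[TouwfiQ Meghlaoui]" has no link target and will render with literal brackets; drop the brackets or turn it into a mailto link. The email channel is also plain mail to a personal address, so consider asking reporters to send full technical details only through the private advisory in item 1, or publish a key for encrypted mail. Finally, the commit message says the policy was revised and the supported versions table removed, but the diff shows "new file mode 100644" with 13 insertions and no deletions; the message should describe adding SECURITY.md.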