The supported version will always be the most recent version. We do not maintain parallel supported versions with security updates.
To report a vulnerability in this software, please contact us at hello@hcommons.org, specifying that you have found a security vulnerability in Profiles/the IDMS stack. Your report will then be passed to a developer. We aim to fix vulnerabilities within 180 days, as per CVE standards. In practice, we hope to deploy fixes much sooner than this, typically within a two-week window.