Skip to content

Security: Tenon-Net/TenonAdmin

SECURITY.md

Security Policy

Reporting a vulnerability

Do not report security vulnerabilities through public issues. TenonAdmin ships as NuGet packages and carries authentication, RBAC, and multi-org data permissions — a public report is a 0-day disclosure against every downstream consumer, before a patch exists.

Use private vulnerability reporting. We aim to respond within 7 days, and will coordinate the fix and disclosure timeline with you.

Supported versions

No release has been published yet; only main is currently supported. This section will list supported version ranges once releases begin.

There aren't any published security advisories