qsv has a very rapid release tempo, with at least one release/week. It has a built-in self-update engine that makes it very convenient to upgrade to the latest version. As such, only the latest release will have security updates.

If you've found a vulnerability, please create an issue in GitHub.

However, if a vulnerability is severe and could lead to zero-day exploits, please send an email to qsv-severe@datHere.com instead.

The vulnerability report will be addressed within one business day. A mitigation/workaround, if available, will be included in the next release and mentioned in the changelog, with zero-day mitigations only being mentioned only when it's been fully fixed.