At MindsDB, we consider the security of our systems a top priority. However, no matter how much effort we put into system security, there can still be vulnerabilities present. Supported Versions
MindsDB only offers security patches for the following versions
| Version | Supported |
|---|---|
| >=23.6.1.1 | ✅ |
If you discover a security vulnerability, we appreciate your efforts to responsibly disclose your findings by sending an email to hello@mindsdb.com, providing as much detail as you can. Please do not publicly disclose these details without express consent from us.
Upon receiving your email, our security team will assess and respond to your report. We strive to keep all communication channels open with you to address your report effectively. Disclosure Policy
Once we have received and evaluated your vulnerability report, MindsDB commits to:
- Confirm the receipt of your report
- Assess the vulnerability report to confirm its validity
- Work on a fix and update the impacted versions
- Publicly disclose the vulnerability after it has been addressed, giving credit to the reporter if they wish
If you have any suggestions to improve this policy, please let us know. We are committed to ensuring that our policy works effectively for everyone involved.
Thank you for helping to make MindsDB safer for everyone.