Files
wehub-resource-sync 3f679793e8
Linting and Formatting / lint-and-format (push) Has been cancelled
Tests / test (3.10) (push) Has been cancelled
Tests / test (3.11) (push) Has been cancelled
Tests / test (3.12) (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 12:40:50 +08:00

1.4 KiB

Security Policy

Supported Versions

Security fixes are applied to the latest released version of RAG-Anything. We recommend always running the most recent release.

Version Supported
1.3.x
< 1.3

Reporting a Vulnerability

Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.

Instead, report them privately through GitHub's built-in private vulnerability reporting. This opens a confidential channel visible only to the maintainers.

When reporting, please include as much of the following as you can:

  • A description of the vulnerability and its impact.
  • The affected version(s) and, where relevant, the component (e.g. document parsing, a specific modal processor, batch processing).
  • Steps to reproduce, or a proof-of-concept.
  • Any known mitigations or workarounds.

What to Expect

  • Acknowledgement: we aim to acknowledge new reports within 5 business days.
  • Assessment: we will investigate, confirm the issue, and keep you updated on our progress.
  • Fix & disclosure: once a fix is ready we will release it and, with your agreement, publicly credit your contribution. Please give us a reasonable window to ship the fix before any public disclosure.

Thank you for helping keep RAG-Anything and its users safe.