The Next Gen C++ Foundation (ngcpp) takes security seriously. If you believe you have found a security vulnerability in this repository, please report it responsibly.
Please do not report security vulnerabilities through public GitHub issues.
Instead, please create a private security advisory at:
If you need to share additional details that do not fit in the advisory, you may email:
Please include as much of the following as possible to help us triage quickly:
- Type of issue (e.g., buffer overflow, RCE, etc.)
- Affected file paths and versions/commits
- Reproduction steps and any required configuration
- Proof-of-concept (if available)
- Impact assessment
We aim to acknowledge reports within 72 hours.