Currently, only the latest main branch is actively supported with security updates. We do not yet maintain long-term support (LTS) releases for SAM3.

We take the security of SAM3 seriously. If you discover a security vulnerability, please DO NOT open a public issue.

Instead, please report the vulnerability privately via one of the following methods:

1. GitHub Security Advisories: If this project has Private Vulnerability Reporting enabled, go to the "Security" tab on the GitHub repository and click "Report a vulnerability".
2. Email: If you are unable to use the GitHub UI, please directly email the project maintainers.

When reporting a vulnerability, please provide:

• A description of the vulnerability.
• Steps to reproduce the vulnerability (including any specific inputs, models, or configurations).
• The potential impact on users.
• If known, any potential mitigation or fix for the issue.

You should receive an initial response to your report within 72 hours. We will keep you informed of our progress towards a fix and full announcement.