# Security Policy

## Supported Versions

Only the latest version is supported.
Please ensure that you're always using the latest release.

Binaries and Docker images are rebuilt nightly using the latest versions of dependencies.

## Reporting a Vulnerability

If you believe you have discovered a security issue directly affecting FrankenPHP,
please do **NOT** report it publicly but send a detailed report to [kevin+frankenphp-security@dunglas.dev](mailto:kevin+frankenphp-security@dunglas.dev?subject=Security%20issue%20affecting%20FrankenPHP).

Only vulnerabilities directly affecting FrankenPHP should be reported using this email.
Flaws affecting components used by FrankenPHP (PHP, Caddy, Go...) or using FrankenPHP (Laravel Octane, PHP Runtime...) should be reported to the relevant projects.