# Security Policy ## Supported versions Only the latest published release of [`node-vault-client`](https://www.npmjs.com/package/node-vault-client) receives security fixes. ## Reporting a vulnerability Please **do not** open a public GitHub issue for security vulnerabilities. Use GitHub's [private vulnerability reporting](https://github.com/namecheap/node-vault-client/security/advisories/new) to report a vulnerability confidentially. We will acknowledge receipt within 5 business days and aim to release a fix within 30 days for confirmed issues. Alternatively, email `opensource@namecheap.com` with the subject line `[SECURITY] node-vault-client`.