We support the latest major and minor releases of Syrx and its database provider packages. Older versions may receive security fixes at the maintainers' discretion.

If you discover a security vulnerability in Syrx or any related package:

1. Do not open a public issue.
2. Email us directly at [email protected] with:
   • A description of the vulnerability
   • Steps to reproduce
   • Impact assessment
   • Any suggested remediation
3. We will respond within 72 hours and coordinate a fix and disclosure timeline.

We ask that you:

• Give us time to investigate and address the issue before public disclosure
• Do not exploit the vulnerability for malicious purposes
• Do not share details with others until a fix is published

• Always use the latest stable version of Syrx and its providers
• Keep your .NET runtime and dependencies up to date
• Use parameterized queries to prevent SQL injection
• Store connection strings securely (environment variables, secret managers)
• Use least privilege for database accounts

• [email protected]
• https://github.com/Syrx/Syrx/security/advisories

We appreciate responsible security research and will credit reporters in our advisories unless requested otherwise.