The tui-cs community takes the security of PSTui seriously. Thank you for helping keep PSTui and its users safe.

Security fixes are made against the latest published release of PSTui on the PowerShell Gallery. Please make sure you can reproduce an issue on the latest version before reporting it.

Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.

Instead, report them privately using GitHub's private vulnerability reporting (the Security → Report a vulnerability button on the repository). If you are unable to use that, email the maintainer at tig@kindel.com with PSTui security in the subject line.

Please include as much of the following as you can, to help us triage quickly:

• The type of issue and its impact (what an attacker could do).
• The affected version(s), and the file(s) / location in the source.
• Step-by-step instructions to reproduce, plus any required configuration.
• Proof-of-concept or exploit code, if you have it.

• We aim to acknowledge new reports within a few days.
• We will keep you informed as we investigate and work on a fix.
• Once a fix is released, we are happy to credit you in the release notes unless you prefer to remain anonymous.

We follow the principle of Coordinated Vulnerability Disclosure: please give us a reasonable opportunity to release a fix before any public disclosure.