Latest release only. Given codeweaver's pre-1.0 status, only the most recent GitHub Release is supported. Older releases receive no security patches.

Email security disclosures to engineering@paire.io. Best-effort acknowledgment within 7 days of receipt.

Do not file security issues as public GitHub Issues — please use the email address above.

In scope:

• Vulnerabilities in the codeweaver binary itself
• Supply-chain concerns (dependency vulnerabilities)

Out of scope:

• Neuroloom backend services, the Neuroloom plugin, or other Neuroloom products — those have separate disclosure channels.