The following versions of Claude Code are currently supported with security updates:
| Version | Supported |
|---|---|
| 0.3.x | ✅ |
| 0.2.x | ✅ |
| < 0.2 | ❌ |
We take the security of Claude Code seriously. If you believe you've found a security vulnerability, please follow these steps:
- Do not disclose the vulnerability publicly
- Open a private vulnerability report through the GitHub repository's Security tab
- Include steps to reproduce
- Include potential impact
- If possible, include suggestions for remediation
- Allow time for response and remediation
- We aim to respond to security reports within 72 hours
- We'll keep you updated on our progress addressing the issue
When a security vulnerability is reported:
- We will confirm receipt of the vulnerability report
- We will investigate and validate the reported issue
- We will develop and test a fix
- We will release a security update
- We will publicly disclose the issue after a fix is available
- Keep Claude Code updated to the latest supported version
- Regularly update Neovim and related plugins
- Be cautious when sharing sensitive information with AI assistants
- Follow the principle of least privilege when configuring Claude Code
- Review Claude Code's integration with external tools
Security updates will be released as:
- Patch versions for supported releases
- Announcements in our release notes
- Updates to the CHANGELOG.md file
No formal security advisories have been issued for this project yet.