If you discover a security issue in v2rayF, please do not open a public GitHub issue with exploit details.

Instead:

1. Open a GitHub Security Advisory (preferred), or
2. Email the maintainer via the contact listed on the GitHub profile.

Include:

• A clear description of the issue
• Steps to reproduce
• Impact assessment (if known)
• Suggested fix (optional)

We aim to acknowledge reports within 72 hours and provide a fix or mitigation timeline when possible.

• v2rayF application code in this repository
• Build and release workflows in .github/

Out of scope: vulnerabilities in Xray-core itself (report upstream).

Use v2rayF only on networks and servers you are authorized to access. Proxy tools can route sensitive traffic; keep your share links and subscription URLs private.