| Version | Supported |
|---|---|
| 1.0.x | ✅ |
We take security seriously. If you discover a security vulnerability, please report it responsibly.
- Do NOT open a public issue
- Email: security@soulbrowser.dev
- Include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)
- Acknowledgment: Within 48 hours
- Initial Assessment: Within 7 days
- Resolution: Depends on severity
| Severity | Response Time | Examples |
|---|---|---|
| Critical | 24-48 hours | Remote code execution, data leak |
| High | 7 days | Authentication bypass, XSS |
| Medium | 30 days | Information disclosure |
| Low | 90 days | Minor issues |
When using Soul Browser:
- Keep Updated: Always use the latest version
- Verify Downloads: Check SHA-256 checksums
- Use HTTPS: Enable HTTPS-only mode
- Review Extensions: Only install trusted extensions
- Proxy Security: Use secure proxy connections
- We practice coordinated disclosure
- Credit will be given to reporters (unless anonymity requested)
- We do not pursue legal action against good-faith security researchers
Soul Browser includes:
- Automatic HTTPS upgrading
- Certificate validation
- XSS protection
- Mixed content blocking
- Cryptojacking blocker
- Phishing protection
Thank you for helping keep Soul Browser secure!