From c470b9a3660baa8c84e5ed3c5ffcb346aa7cfcc0 Mon Sep 17 00:00:00 2001
From: James Rich <2199651+jamesarich@users.noreply.github.com>
Date: Wed, 25 Mar 2026 10:18:51 -0500
Subject: [PATCH] Revise security policy for supported versions and reporting

Updated the security policy to clarify supported versions and reporting process.

Signed-off-by: James Rich <2199651+jamesarich@users.noreply.github.com>
---
 SECURITY.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 000000000..dc4df33df
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,12 @@
+# Security Policy
+
+## Supported Versions
+
+| App Version      | Supported          |
+| ---------------- | ------------------ |
+| 2.7.x            | :white_check_mark: |
+| <= 2.6.x         | :x:                |
+
+## Reporting a Vulnerability
+
+We support the private reporting of potential security vulnerabilities. Please go to the Security tab to file a report with a description of the potential vulnerability and reproduction scripts (preferred) or steps, and our developers will review.