CyberChef is supported on a best endeavours basis. Patches will be applied to the latest version rather than retroactively to older versions. To ensure you are using the most secure version of CyberChef, please make sure you have the latest release. The official live demo is always up to date.
In most scenarios, the most appropriate way to report a vulnerability is to raise a new issue describing the problem in as much detail as possible, ideally with examples. This will obviously be public. If you feel that the vulnerability is significant enough to warrant a private disclosure, please email [email protected] and [email protected].
Disclosures of vulnerabilities in CyberChef are always welcomed. Whilst we aim to write clean and secure code free from bugs, we recognise that this is an open source project written by analysts in their spare time, relying on dozens of open source libraries that are modified and updated on a regular basis. We hope that the community will continue to support us as we endeavour to maintain and develop this tool together.