NI views the security of our software products as an important part of our commitment to our users. This includes source code repositories managed through the NI GitHub organization.
We encourage you to report security vulnerabilities to us privately so we can follow the principle of Coordinated Vulnerability Disclosure (CVD). This allows us time to thoroughly investigate security issues and publicly disclose them when appropriate.
Please do not report security vulnerabilities through public GitHub issues.
Instead, please report them by sending an email to [email protected] with sufficient details about the type of issue, the impact of the issue, and how to reproduce the issue. You may use the NI PGP key to encrypt any sensitive communications you send to us. When you notify us of a potential security issue, our remediation process includes acknowledging receipt and coordinating any necessary response activities with you.
To learn more about NI Security, please see https://ni.com/security