We strongly recommend always running the latest stable version.

If you discover a security vulnerability in Bluebird OS, please do not open a public GitHub issue.

Instead, report it privately:

1. Email — Contact the LAMN-NOBERT team directly through our community channels (Telegram or Discord) with the subject line: [SECURITY] Brief description
2. GitHub Security Advisories — Use the private Security Advisory feature on GitHub

• Description of the vulnerability
• Steps to reproduce it
• Potential impact
• Your suggested fix (if you have one)

• We will acknowledge your report within 72 hours
• We will investigate and keep you informed of our progress
• Once fixed, we will credit you in the release notes (unless you prefer to remain anonymous)
• We ask that you give us reasonable time to fix the issue before any public disclosure

Bluebird is open source and we take security seriously. Because users trust Bluebird as their launcher and OS environment, we have a responsibility to respond to vulnerabilities quickly and transparently.

Thank you for helping keep Bluebird and its users safe. 🐦