This project is pre-release. Security fixes target the current main branch.

Do not open a public issue for vulnerabilities that expose credentials, pairing data, or local network details.

Report privately through GitHub's private vulnerability reporting if it is enabled for the repository. If it is not enabled, contact the repository owner through the GitHub profile linked from the repository.

Please include:

• A short description of the issue.
• Steps to reproduce.
• Whether local pairing credentials, PINs, or network identifiers are exposed.
• The affected commit or release, if known.

Do not include these in issues, logs, or screenshots:

• Pairing PINs.
• ~/.appletv_remote/pyatv_storage.json.
• Local hostnames, IP addresses, or device identifiers unless they are redacted.