# Security Policy ## Supported Versions | Version | Supported | | ------- | ------------------ | | 10.0.x | :heavy_check_mark: | | 9.1.x | :heavy_check_mark: | | < 9.1 | :x: | ## Reporting a Vulnerability If you think you have found a possible vulnerability please reach out to the _private_ project mailing list private@nuttx.apache.org or the Apache Security list security@apache.org. Please **DO NOT** create a GitHub issue or email the project dev list as they are public. This project follows the Apache Vulnerability Handling Policy documented [here](https://www.apache.org/security/committers.html#vulnerability-handling).