Only the latest version of RISC-V_CPU is actively supported with security fixes.

If you discover a security issue, functional flaw, or design behavior that could impact reliability or system safety:

• Do not open a public issue
• Contact the project maintainer privately
• Provide a clear description of the issue and steps to reproduce it (simulation details preferred)

Responsible disclosure is encouraged and appreciated.

Security concerns include, but are not limited to:

• Privilege escalation flaws
• CSR or exception handling vulnerabilities
• Memory protection issues
• Undefined or unsafe RTL behavior