Currently, the master branch corresponding to the latest protocol implementation is supported with security updates.

If you discover a security vulnerability within bedrock-protocol or RaknetCS, please do not disclose it publicly.

Instead, please send an email to the repository maintainers or use GitHub's private vulnerability reporting feature on the repository page.

We will endeavor to respond to all vulnerability reports within 48 hours. If the vulnerability is confirmed, a patch will be prepared and released as soon as possible.