CyberChef is supported on a best endeavours basis. Patches will be applied to the latest version rather than retroactively to older versions. To ensure you are using the most secure version of CyberChef, please make sure you have the latest release. The official website is always up to date.
No guarantee is offered for the correctness or security of CyberChef. In paticular, the security of cryptographic operations should not be relied upon.
If you discover a vulnerability in CyberChef, please do not publicly disclose it, and do not create a GitHub issue.
Instead, send an email as soon as possible to CyberChefSecurity@gchq.gov.uk. The report will be acknowledged and actioned urgently by the CyberChef maintainers.
If you do not receive a timely acknowledgement, please notify oss@gchq.gov.uk and CyberChef@gchq.gov.uk of your vulnerability report.