The latest public-beta line and the default main branch receive security fixes. Older beta packages may be asked to upgrade before investigation.
Use a private GitHub security advisory:
https://github.com/masarray/DigSubAnalyzer/security/advisories/new
Do not publish exploit details, malicious captures, customer SCL files, or sensitive screenshots in a public issue.
Include the affected version/commit, Windows and Npcap environment, minimal reproduction steps, impact, and sanitized evidence. An initial acknowledgement is targeted within seven days; remediation timing depends on severity and reproducibility.
- Unsafe parsing of crafted Ethernet, SV, GOOSE, PTP, BER, MMS, or SCL input
- Crashes, hangs, excessive allocation, or resource exhaustion from malformed traffic
- Cross-stream state contamination that can misrepresent engineering evidence
- Accidental capture, log, configuration, or project-data disclosure
- Release-package integrity and workflow-permission issues
- Certification of timing measurement accuracy
- Unsupported or compromised Npcap/driver installations
- Vulnerabilities in third-party software not distributed by this repository
- Social engineering, denial-of-service against public infrastructure, or tests involving customer networks without authorization
Process Bus Insight is intended for local engineering use. Sanitize captures, SCL files, screenshots, MAC/IP addresses, device names, and project references before sharing them.