Security updates are released for the latest versions of Aseprite: latest tagged version of main and beta branches.

To report a security issue in Aseprite send an email to security@aseprite.org.

You should receive a response within the next 30 days. If the vulnerability is accepted, a fix should be published within the next 90 days from when the issue was accepted.