diff --git a/SECURITY.md b/SECURITY.md index 739ff70..1f602dd 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -8,10 +8,16 @@ If you discover a security vulnerability in KnotCode, please report it responsib Instead, DM [**@BunsDev**](https://x.com/BunsDev) or use [GitHub's private vulnerability reporting](https://github.com/OpenKnots/code-editor/security/advisories/new). - - We will acknowledge your report within 48 hours and aim to release a fix within 7 days for critical issues. +## Supported Versions + +| Version | Supported | +|---------|-----------| +| 1.11.x (latest) | :white_check_mark: Active security updates | +| 1.10.x | :white_check_mark: Critical fixes only | +| < 1.10 | :x: End of life — please upgrade | + ## Scope This policy covers: diff --git a/docs/SECURITY.md b/docs/SECURITY.md index 4576a8f..39ff837 100644 --- a/docs/SECURITY.md +++ b/docs/SECURITY.md @@ -1,5 +1,7 @@ # Security Runbook +> **Reporting a vulnerability?** See [`../SECURITY.md`](../SECURITY.md) for the disclosure policy and contact info. + This document defines how KnotCode handles secrets, responds to leaks, and manages git author privacy. ## Secret Handling Policy
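Review bot: In the `SECURITY.md` hunk, the new Supported Versions table hardcodes `1.11.x (latest)`, so that row goes stale on the next minor release unless someone remembers to edit it. Consider dropping "(latest)" or adding the table to the release checklist. The `1.10.x` row promises "Critical fixes only" without saying what counts as critical or until when, and the unchanged sentence above the table commits to a fix "within 7 days for critical issues" without saying whether that target applies to 1.10.x as well as 1.11.x. A one-line severity definition and an end-of-support date for 1.10.x would make the table actionable for reporters.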
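Review bot: In the `docs/SECURITY.md` hunk, the added pointer shows that the repository has two files named `SECURITY.md` with different purposes (the disclosure policy at the root, the runbook under `docs/`), and the link only goes one way in the lines shown. Consider renaming the runbook (for example to `docs/SECURITY-RUNBOOK.md`) or adding a reciprocal link from the root policy. Also check that the relative `../SECURITY.md` target still resolves wherever the docs are rendered outside the repository view.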