docs(security): add SECURITY.md with vulnerability disclosure policy

- Introduce a security policy describing supported versions
- Define responsible vulnerability reporting process
- Provide contact channel for private security reports
- Align repository with standard open-source security practices

This prepares the project for public distribution and improves
security transparency for the Maatify ecosystem.

Author: megyptm

SECURITY.md

@@ -0,0 +1,43 @@
+# Security Policy
+
+## Supported Versions
+
+The following versions of **Maatify SharedCommon** are currently supported with security updates.
+
+| Version | Supported |
+|--------|-----------|
+| 1.x | ✅ Yes |
+| < 1.0 | ❌ No |
+
+---
+
+## Reporting a Vulnerability
+
+If you discover a security vulnerability in this project, please report it responsibly.
+
+Please **DO NOT open a public GitHub issue** for security vulnerabilities.
+
+Instead, report it privately via email:
+
+support@maatify.com
+
+Include the following information when possible:
+
+- Description of the vulnerability
+- Steps to reproduce
+- Potential impact
+- Suggested mitigation (if available)
+
+We will acknowledge receipt of your report as soon as possible and work to address the issue.
+
+---
+
+## Disclosure Policy
+
+Once a vulnerability is confirmed:
+
+1. A fix will be prepared and tested.
+2. A patched version will be released.
+3. Security advisories will be published when appropriate.
+
+We appreciate responsible disclosure that helps keep the ecosystem safe.