ELM327-emulator is testing software that is not expected to run in production environments. Because the dictionary allows executing user-defined commands, it is important to review any third-party customization so that it does not introduce security flaws.
Security bugs will be taken seriously and, if confirmed upon investigation, a patch will be released within a reasonable amount of time, together with a security bulletin and credit to the discoverer.
Warning: when using TCP/IP networking, the INET socket is bound to all interfaces, meaning it listens on every network interface of the host and not only on loopback.
To report a security bug, open an issue that includes the related information (e.g., reproduction steps, version).