Please do not open a public issue for security vulnerabilities.
Instead, report vulnerabilities privately via GitHub Security Advisories (preferred) or contact the maintainers directly.
Include:
- A clear description of the issue
- Reproduction steps / proof of concept
- Impact assessment
- Suggested fix, if available
We will acknowledge reports as quickly as possible and coordinate responsible disclosure.