Please do not report security vulnerabilities through public GitHub issues.
Use GitHub's built-in Private Vulnerability Reporting to report security issues confidentially.
This ensures the issue can be assessed and a fix prepared before any public disclosure.
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Any suggested fix (optional)
We aim to acknowledge reports within 72 hours and provide a fix timeline within 7 days.