If you believe you have found a security vulnerability, please do not open a public issue with sensitive details.

Preferred reporting channels:

1. GitHub Security Advisories (enable it in repository settings).
2. If that is not available, open an issue that requests a private contact channel (without including exploit details).