Please do not report security vulnerabilities through public GitHub issues.
Instead, report them privately using GitHub's private vulnerability reporting on the affected repository, if enabled. Otherwise, reach out via my GitHub profile and I'll follow up with a private channel.
Please include as much of the following as you can:
- A description of the vulnerability and its potential impact
- Steps to reproduce, or a proof-of-concept
- Any relevant logs or screenshots
You should receive a response within a few days. If the issue is confirmed, a fix will be prioritized based on severity, and you'll be credited in the release notes unless you prefer otherwise.