Security fixes are handled for the latest public release.
Please do not publish exploit details in public issues. Report vulnerabilities privately through GitHub Security Advisories if enabled, or contact the repository maintainer directly.
Include:
- affected version/commit;
- steps to reproduce;
- expected and actual behavior;
- relevant logs or screenshots without secrets.