Security fixes are applied to the latest main branch.
Please do not open public issues for security-sensitive reports.
Contact maintainers privately and include:
- A clear description of the vulnerability
- Reproduction steps or proof-of-concept
- Impact assessment
- Suggested mitigation if available
We will acknowledge receipt as soon as possible and coordinate disclosure and fixes.