Security fixes are applied to the current main branch and any published releases that remain in active use.
Do not open a public issue or pull request for security-sensitive reports.
Please report vulnerabilities privately through GitHub Security Advisories for this repository. Include:
- Affected component or file
- Steps to reproduce
- Impact description
- Proof of concept, if available
- Suggested fix, if known
We will acknowledge the report, assess severity, and coordinate remediation before public disclosure.