Please report security vulnerabilities via email, not public issues.

Include:

• Description of the vulnerability
• Steps to reproduce
• Potential impact

We will respond within 72 hours.