Security Policy

Reporting a Vulnerability

Please do not open a public GitHub issue.

Use GitHub's "Report a vulnerability" button under: Security > Advisories > Report a vulnerability

We aim to acknowledge reports within 72 hours. Please include reproduction steps, affected versions, impact, and suggested fix if available.