Please do not open public issues for security vulnerabilities.

To report a security vulnerability, please use GitHub Security Advisories. This allows us to discuss and resolve the issue privately before any public disclosure.

When reporting, please include:

• A description of the vulnerability
• Steps to reproduce the issue
• The potential impact
• Any suggested fixes (if applicable)

• Acknowledgment: Within 48 hours of the report being received.
• Critical fixes: Within 30 days for critical issues.

We will keep you informed of our progress as we work toward a resolution. Once the issue is fixed, we will coordinate disclosure with you.