Security fixes are maintained on the default branch and on currently open release preparation branches.
Please report suspected vulnerabilities through GitHub Security Advisories or private vulnerability reporting for this repository when available. If private reporting is unavailable, contact the maintainers privately before publishing details in a public issue.
Maintainers should acknowledge reports within 7 days, provide a remediation plan or status update after triage, and coordinate disclosure after a fix is available.