The project currently accepts security reports for the latest development and release branches.
Please do not open a public issue for security vulnerabilities. Instead, report them privately through the repository’s maintainers using the contact information in the project admin channels.
Include the following in your report:
- A clear description of the issue
- Steps to reproduce the vulnerability
- Potential impact
- Any suggested mitigation or fix
We aim to acknowledge valid reports promptly and coordinate a responsible disclosure process.