Please report security issues privately to the project maintainers before public disclosure.
When reporting, include:
- A clear description of the issue
- Steps to reproduce
- Expected impact
- Any safe proof of concept details
Do not include real user email addresses, secrets, or private DNS data in reports.