Security Policy Reporting a Vulnerability Open an issue on GitHub describing the vulnerability. Do not include sensitive details in public issues.