If you discover a security issue related to the public MTA mirror, please report it privately before opening a public issue. Prefer GitHub's private vulnerability reporting flow for this repository when it is enabled.
Please include:
- affected commit or tag
- reproduction steps
- impact assessment
- any suggested mitigation
We aim to acknowledge reports quickly and coordinate a fix before public disclosure when practical.