This document will describe briefly how to report a security vulnerability.

To report a vulnerability, first you must gather as much information as possible.

Things like steps to reproduce, under what conditions it happens, what versions of the app it happens in, and so on.
The more information you gather, the easier it will be to fix.

Go to the Security tab, and click on Report a vulnerability.

Fill out the form with everything, and submit it. You may also start a private temporary fork to aid in fixing it.
Security vulnerabilities will take extreme priority over everything else.