To report a vulnerability in arbiter, please use the repository's private vulnerability reporting feature. Do not open a public issue.