Please report (suspected) security vulnerabilities to the owner of the repository either via email (jack.ashwell1@gmail.com) or Discord (aspect1103). You will receive a response from the owner as soon as possible and if accepted, a patch will be released as soon as possible depending on the complexity and severity of the problem.