In case of vulnerability finding:

1. Create an Issue with a specific tag and [VULN] in its name.
2. Assign some contributors by tagging one of them almost.
3. Explain in a clearly manner how to reproduce the bug and the recommandation.