To report a vulnerability, do not open an issue. Email security@unidata.ucar.edu directly.