Please do not open a public GitHub issue for a security vulnerability.
Send security reports to:
Include a clear description, steps to reproduce the issue, and any possible impact. Please allow time for the report to be reviewed before disclosing it publicly.