Please do not post security vulnerability details in public Issues.

Preferred

• Use the repository Security tab and Report a vulnerability so maintainers can assess and fix privately.

Include when possible

• Affected version or commit
• Steps or a clear description to reproduce
• Impact you believe applies

We aim to respond in a reasonable time. Thank you for responsible disclosure.