Do not open a public GitHub issue for security vulnerabilities.

Email security@xpaymind.ai with:

1. Description of the vulnerability
2. Steps to reproduce
3. Potential impact

We will acknowledge within 48 hours and provide a fix timeline within 7 days.