Please do not open public GitHub issues for suspected security vulnerabilities.

Instead, report vulnerabilities privately using GitHub's private vulnerability reporting feature for this repository, or contact the maintainers directly through a private channel.

When reporting, please include:

• A clear description of the issue and impact.
• Steps to reproduce, proof-of-concept, or logs.
• Affected versions / environments.
• Any suggested mitigations.

We will acknowledge reports as quickly as possible, validate findings, and coordinate a responsible disclosure timeline.

Security fixes are generally targeted at the latest main branch state.