If you believe you've found a vulnerability, please email Víctor Duarte Melo victormeloasm@gmail.com with a minimal proof‑of‑concept or repro steps. Kindly wait for acknowledgement before public disclosure. Do not attach secrets or private keys in issues/PRs.