Please do not open a public GitHub issue for suspected security vulnerabilities. Public issues are world-readable and would expose the report before a fix is available.

Instead, use GitHub's private vulnerability reporting:

1. Navigate to the repository's Security tab on GitHub.
2. Choose Report a vulnerability.
3. Fill in a clear description, reproduction steps, affected version, and any proof-of-concept or impact analysis you can share.

Reports are received privately by the maintainers and are not disclosed until a fix is ready.