If you believe you have found a security vulnerability in CDS, please report it privately.

• Do not open a public GitHub issue for security-sensitive reports.
• Use GitHub Security Advisories if enabled for this repository.

When reporting, please include:

• A clear description of the vulnerability and its impact
• Steps to reproduce (proof-of-concept if possible)
• Affected versions (or commit SHA)
• Any suggested remediation

Security fixes are provided for the latest released version. If you are running an older version, please upgrade and retry.

We will acknowledge receipt as soon as possible and work with you on a coordinated disclosure timeline.