- Do not open a public issue.
- Email the maintainers at [email protected] with details of the vulnerability.
- We will acknowledge your report within 3 business days and work with you to resolve the issue promptly.
- Once the vulnerability is resolved, we will disclose it responsibly and credit you (if desired).