To report a security vulnerability, please follow these steps:
- If you discover a security vulnerability, we'd appreciate a non-public disclosure.
- Contact us via any developers from are Contributor Mailing List.
- Provide a clear description of the issue and potential impact.
- We will acknowledge your report within 48 hours and provide updates as we assess and address the issue.
For more details, visit the Security Wiki.