Security fixes are prioritized for the latest code on the main branch.

Please do not open public issues for security vulnerabilities.

Instead, report vulnerabilities privately:

• Open a private security advisory in GitHub (preferred), or
• Contact the maintainers through repository support channels.

When reporting, include:

• A clear description of the issue.
• Reproduction steps or proof of concept.
• Potential impact.
• Suggested mitigation (if available).

We will acknowledge reports as soon as possible and work on a fix based on severity and impact.