Do not open public issues for suspected security vulnerabilities.
Report privately via GitHub Security Advisories for this repository. If Security Advisories are not available, open a private channel with maintainers before disclosure.
- Description of the issue
- Affected components/files
- Reproduction steps
- Potential impact
- Suggested mitigation (if known)
- Initial triage response target: within 5 business days
- Status update target: within 10 business days
- Fix timeline depends on severity and complexity
Please allow maintainers time to validate and patch before public disclosure.