Security Report vulnerabilities via GitHub Security Advisories. Do not open a public GitHub issue for security vulnerabilities.