Please disclose vulnerability privately using the PGP public key and email found on https://sunknudsen.com/contact.