This project is actively maintained on the main branch.

Please report vulnerabilities privately by contacting maintainers before public disclosure.

Include:

• Affected component(s)
• Reproduction steps / PoC
• Impact and severity estimate
• Suggested mitigation if available

We aim to:

• Acknowledge within 72 hours
• Share status updates regularly
• Publish a fix and release notes after remediation