If you've discovered a vulnerability, please refrain from filing a public issue.
We kindly ask that you follow responsible disclosure guidelines, keeping in mind the risks faced by whistleblowers.
To report a vulnerability, please contact us privately via one of the following methods:
- Reporting form: Submit a security advisory
- Email: [email protected]
For any sensitive information, please encrypt your message using our PGP key: F6EFBDFAD0A3CF4A55085C3E7BBB231D031957FA
We aim to acknowledge reports within 8 hours and address any critical issues with short-term fixes within 2 days, whenever possible.