Do not open public issues for security vulnerabilities.

Please report security issues via GitHub's private vulnerability reporting with a description, reproduction steps, and impact assessment.

We will acknowledge within 48 hours and aim to patch critical issues within 7 days.