Please do not open a public issue for a suspected vulnerability.

Report security issues privately by contacting the maintainers through the repository security advisory flow, or by using the maintainer contact channel listed on the GitHub repository once published.

Please include:

• Affected package and version.
• A clear description of the issue.
• Reproduction steps or a minimal proof of concept.
• Impact and any known mitigations.

Security fixes target the latest master branch, the active develop branch, and the latest published package version.