- Supported versions: latest major and previous minor.
- Report vulnerabilities privately to [email protected].
- Expect initial response within 72 hours.
- Please include reproduction steps, affected versions, and possible impact.
- Do not open public issues for security reports.