Security fixes are applied to the latest published release.
Please use GitHub's private vulnerability reporting for this repository. Do not open a public issue for vulnerabilities involving authentication data, tokens, local account storage, or the dashboard.
Include:
- affected version and operating system
- reproduction steps or a proof of concept
- expected impact
- any suggested mitigation
Never include real access tokens, passwords, cookies, email inbox contents, or other private credentials. Reports will be acknowledged as soon as practical, and coordinated disclosure is preferred.