If you discover a security vulnerability, please report it privately to the maintainers.

Do not open public issues with exploit details before coordinated disclosure.