If you believe you have found a security vulnerability, please report it privately.
Contact: git@sunsung.fun
Please include:
- a clear description of the issue
- steps to reproduce (proof-of-concept if possible)
- impact assessment (what an attacker can do)
- affected versions or commit hash (if known)
Security fixes are applied to the default branch. If you need a fix backported to an older tag, include that request in your report.
Please do not publish security reports publicly until the issue has been reviewed and a fix has been released (or a mitigation has been documented).