To report a security vulnerability, please create a descriptive Issue labeled with security-audit. If possible, also create a PR linked to the created Issue with a proposed fix.