PLEASE DON'T DISCLOSE SECURITY-RELATED ISSUES PUBLICLY, SEE BELOW.

If you discover a security vulnerability, please report it privately through GitHub's private vulnerability reporting:

Go to the repository's Security tab and click "Report a vulnerability". This creates a private advisory visible only to maintainers and provides a structured workflow for triage, fix coordination, and CVE assignment.

All security vulnerabilities will be promptly addressed.