Security fixes are provided for the latest major/minor release. Older versions may receive fixes on a best-effort basis.

Please report security issues privately:

• Open a GitHub security advisory (preferred)
• Or email the maintainer (see repository owner profile)

Do NOT file public issues for sensitive reports.

Issues involving:

• Incorrect validation of IPv6 addresses / prefixes
• Split operations causing resource exhaustion
• Panics or memory corruption due to malformed input
• Incorrect arithmetic leading to privilege/security boundary issues

You will receive an acknowledgement within 72 hours. A fix or mitigation will be coordinated before public disclosure.