You can submit a vulnerability by creating a new issue. Please include the following information:

• CVE ID (if it exists)
• What the vulnerability does within the app
• Any active exploitation (contact us via email at [email protected]

If your vulnerability is accepted, expect remediation within 72 hours. If declined (which is unlikely), expect only one official response.