Please do not report critical security vulnerabilities through the public issue tracker.
For critical security bugs, contact:
kai@kaishome.de
Include a concise description, affected version or commit, reproduction steps, and any relevant logs or configuration details. Public disclosure should wait until the issue has been assessed and a fix or mitigation is available.
Use the public bug tracker for non-sensitive defects, usability problems, documentation issues, and feature requests.