To report a vulnerability, please use the "privately reporting a security vulnerability" feature from GitHub. You can find the "Report a vulnerability" button under the security tab. For more information, see the privately reporting a security vulnerability documentation.