If you found a security vulnerability, don't open a public issue, because attackers could see the vulnerability and use it before its fixed. Instead see Report a security vulnerability.

To report a security vulnerability, open a new Github draft security advisory.

There are currently no known security vulnerabilities in any of the versions.