Please report vulnerabilities via email. For good measure please send me a direct message on Discord as well.

Please do not disclose vulnerabilities publically without prior approval.

I'll try to at least respond to reports within 3 days. I cannot offer you money in exchange for finding bugs, but I can thank you on the website or here on GitHub if you want.