Do not open a public GitHub issue for security vulnerabilities.
Instead, email relab@cml.leidenuniv.nl with:
- a clear description of the issue and its potential impact
- steps to reproduce it, or a proof of concept
- any mitigations or patches you have already identified
- We aim to acknowledge reports within 5 business days.
- We aim to validate and triage confirmed issues as quickly as possible.
- For confirmed vulnerabilities, we will coordinate a fix and responsible disclosure timeline with the reporter where practical.
Please include enough detail for us to reproduce the problem. That saves time for everyone.