If you discover a security vulnerability, please report it responsibly:

1. Do NOT open a public GitHub issue
2. Use GitHub's private vulnerability reporting feature
3. Include: description, steps to reproduce, potential impact
4. Allow 90 days for a fix before public disclosure

Only the latest release is actively supported with security updates.