NeoReports is pre-1.0. Security fixes are applied to the latest master and the most recent release only.

Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.

Instead, report them privately through GitHub's built-in flow:

1. Go to the repository's Security tab.
2. Click Report a vulnerability (GitHub Private Vulnerability Reporting).
3. Provide a clear description, affected versions, reproduction steps, and the impact you foresee.

You can expect an initial acknowledgement within a few days. Once the report is validated, we will work on a fix and coordinate a disclosure timeline with you, crediting you unless you prefer to remain anonymous.

Thank you for helping keep NeoReports and its users safe.