Please immediately open a vulnerability issue on GitHub or privately report it to us. It will be immediately checked out.
Security vulnerabilities are not general issues. If you want to report a bug, please do it by opening a bug report. If you report a vulnerability publicly, bad actors can use it to their advantage. This is why you should report them privately. Such issues include even libraries used in a project. If an issue is seen on them, please first report it to their maintainers and then here.