In case you have found an exploitable bug and you would like to do the right thing and let us fix it before you disclose it, we would be happy to get your security advisory at firstname.lastname@example.org. Please add [SECURITY] or [ADVISORY] in the subject. Be sure that your report contains complete and detailed analysis of the bug. Sending a fix is highly appreciated. Please don't delay your report to write proof-of-concept exploit, you can send that one with another mail.