Please do not open a public issue for a security vulnerability.

Report vulnerabilities privately through either:

• GitHub Security Advisories: open the repository's Security tab, then choose Report a vulnerability.
• Email: ahmed.aredah@gmail.com

When reporting, please include:

1. The affected CargoNetSim version or commit SHA.
2. A clear description of the vulnerability and its impact.
3. Steps to reproduce the issue or a minimal proof of concept, if available.
4. Relevant logs, screenshots, or configuration details.
5. Your preferred contact information for follow-up.

• Vulnerability reports will be acknowledged within 7 days.
• A status update will be provided within 30 days.

CargoNetSim follows coordinated disclosure. Please keep vulnerability details private until a fix or mitigation is available and a disclosure timeline has been agreed with the maintainer.