If you discover a security vulnerability in Aero, please report it directly through GitHub using the "Report a vulnerability" feature on the Security tab of the repository. This ensures your report is handled privately by the maintainers.

• Do not disclose security issues publicly until they have been reviewed and addressed by the Aero team.
• We aim to acknowledge and respond to all reports within 5 business days.
• After triage, we will keep you informed of the status and work with you on a coordinated disclosure if necessary.

For more information, see GitHub’s Privately reporting a security vulnerability.

Thank you for helping keep Aero and its users safe!