Please do not report security vulnerabilities through public GitHub issues.
For the first source-only public version of MKL-Q, report potential security issues privately to the repository maintainer through GitHub's private vulnerability reporting feature if it is enabled. If private reporting is not enabled for the repository, contact the maintainer through the GitHub profile listed on the repository owner account.
When reporting a security issue, include:
- affected commit or branch;
- platform and compiler details;
- minimal reproduction steps;
- potential impact;
- whether the issue is specific to MKL-Q or also appears in upstream CUDA-Q.
For vulnerabilities in upstream CUDA-Q or NVIDIA products, use the upstream project's official security reporting process instead.