Security vulnerabilities should not be reported as an issue on github because anyone can see this issue and use it.

On the other hand, Security vulnerabilities should be reported as fast as possible.

Instead, they should be as a private message on Discord to user dan1st#7327 or Gehasstes#0001.

Private Messages are only allowed if the both users are member of a common server (Guild). In order to bypass that, you can join this Server