Report security vulnerabilities to forkphorus@turbowarp.org instead of the public issue tracker.

You will get a response within 48 hours.