You can disclose any vulnerability directly to vojtech@miksu.cz or through our discord to any team member.

If the vulnerability is verified, you can expect a published fix in 2 weeks. After that, it should be disclosed publicly.