This framework is in development and has no release versions yet. All vulnerabilities will be addressed.

As this is an open-source project in development, there is no need at present to privately disclose the nature of a vulnerability. These can be brought up in Issues, tagged as "security".