Security fixes are applied to the latest minor release compatible with supported Nextcloud versions (see appinfo/info.xml for the nextcloud dependency range).

Please do not open a public GitHub issue for security-sensitive reports.

• Prefer GitHub Security Advisories for this repository, or
• Contact the maintainer via GitHub with details to coordinate disclosure.

Include steps to reproduce, affected versions, and impact if you can. You should receive an initial response within a few days.