Currently, there is no dedicated location to report vulnerabilities, so anything you think may be a security implication should be reported by opening an issue.