To report a security vulnerability, please email security@ons.gov.uk or open a confidential issue on GitHub. We aim to acknowledge your report within 2 business days and provide updates at least weekly until resolution. If the vulnerability is accepted, we will work with you on a coordinated disclosure. If declined, we will provide a clear explanation.

Please include as much detail as possible, including steps to reproduce, affected versions, and any relevant logs or screenshots.