Each project has its own security policy, so please read the security policy of the project you are looking for.
If you found any type of vulnerability, please report using the GitHub Security Advisories, clicking here or sending to the email [email protected].