The latest version of react-command-palette will be patched regularly as fixes become available.

To report a vulnerability simply open a Github issue. You can expect to receive a response with a day or two, though this is not a hard and fast rule. If the vulnerability is accepted it will be prioritized relative to its severity. As a general principal security issues are prioritized ahead of all other work. If the issue is declined the rational will be note in Github issue.