Email a vulnerability report to security@pelletier.codes. Make sure to include as many details as possible to reproduce the vulnerability. This is a side-project: I will try to get back to you as quickly as possible, time permitting in my personal life. Providing a working patch helps very much!