Clarify how to report security vulnerabilities #8553
Description
From the README.md, it is currently not clear as to how to report security vulnerabilities.
Would it be possible to clarify this, perhaps by adding a SECURITY.md file?
{{ message }}