Please report security issues directly in GitHub at https://github.com/regclient/regclient/security/advisories/new or alternatively email git@bmitch.net.
We will typically respond within 7 working days of your report. If the issue is confirmed as a vulnerability, we will open a Security Advisory and acknowledge your contributions as part of it. This project follows a 90 day disclosure timeline.