We strongly encourage you to report security vulnerabilities to our private security mailing list: security@cilium.io - first, before disclosing them in any public forums.
This is a private mailing list where only members of the Cilium internal security team are subscribed to, and is treated as top priority.