This project is for the development and testing of UEFI tools and applications only, use in a production environment is not supported. Because of this, security vulnerabilities are treated as normal bugs/issues and can be reported using the normal GitHub issue reporting tools.