To report security concerns or vulnerabilities with protobuf, please use Google's official channel for reporting these. https://www.google.com/appserve/security-bugs/m2/new