Hello. I am a cyber security student. I have found multiple memory corruption vulnerabilities within the lemon LALR parser resulting in controlling multiple registers. I believe that a return to libc exploit is likely to be possible and i would like info on how to properly report this and go through responsible disclosure. I have done a lot of crash analysis in gdb and I have screenshots and further documentation that the vulnerability does indeed exist. Thanks, Cyber Security Researcher.