docs: add SECURITY.md to outline vulnerability reporting process

[seokjeon]

This PR introduces a SECURITY.md file to the repository to define the project's security policy.

Summary of Changes:

• Lists supported versions for security updates (currently 1.5.7 and above).
• Provides detailed guidance for reporting vulnerabilities via GitHub's built-in advisory form.
• Encourages clear and thorough reporting to help the maintainer team respond effectively.

By adopting this policy, we aim to make our vulnerability disclosure process more transparent and accessible for the community.