Only the most recent stable (non-pre-release) version is supported with security updates.
If you discover or suspect you have discovered a vulnerability, please report it to me@charleskorn.com, including [Security] in the subject line. Please include a short description of the issue and steps on how to reproduce it.
The issue will be investigated and fixed privately, then disclosed publicly once a fix is available.
Anyone who reports a vulnerability will be acknowledged in the release notes and security advisory.