Please report any high severity vulnerabilities in the current supported versions to reeceharris@duck.com. Don't create an issue unless the vulnerability/bug is of low severity and won't impact the integrity of all the users using it.