Last stable version of the MOSP always provides security updates. There will be no security patches for other releases (tagged or not).
If you think you have found a potential security issue, do not open directly a GitHub issue. Please open a GitHub security advisory: https://github.com/NC3-LU/MOSP/security
Or email us: opensource@nc3.lu.
You can also specify how you would like to be credited for your finding (commit message or release notes for the new release). We will respect your privacy and will only publicize your involvement if you grant us permission.