Currently there's support for the first released version (1.0.0) on Github and nuGet.
You can confidentially report any vulnerability using the "Report a Vulnerability" button you can find in the Security tab. By default you have a template to report the vulnerability, just follow it as closely as you can.
All the known issues with protobuf-net could affect this package. If you have had an issue while using ScapeCore please report it using a Issue.