You can follow it in official documentation: docs
If you discover a security vulnerability within Laravel, please send an e-mail to just.dior. All security vulnerabilities will be promptly addressed.
The Laravel framework is open-sourced software licensed under the MIT license.