Jira is our entrypoint to report security vulnerabilities. Having this mind a KUNSECU user story (type Vulnerability) needs to be created.
Follow this documentation.
Follow the component ownership matrix and assign it to the corresponding team.
This is the benefit of having Dependabot. It will open pull requests for security and version updates. For more information check the Github documentation.