We always support our latest stable feature version.
Depending on the state of the project, version and environments we may patch older versions or support multiple feature versions.
Please report vulnerabilities in private to security@mumble.info.
We will do our best to respond, verify them and resolve them as quickly as possible.
Our security advisories are published at https://www.mumble.info/security/.