Because of the nature of this library being about accessing an API, supported versions is only ever the latest version. If you see a vulnerability with the library itself and NOT with SSO of EVE Online in general feel free to share. If it is an issue with EVE SSO and something you think we can mitigate, feel free to share! As always, "Internet Spaceships are serious business."

Honestly I'd say the best way to report would be to a contributor in Discord, preferably to myself (Gehnster). If you want to share a PR then feel free! We can work to make sure its released as quickly as possible from PR to finish.