Use the appropriate link below for advisories regarding the specific software product
...
Service Provider V3 (current)
Identity Provider V3 (current)
Service Provider V2 (legacy)
...
and version/generation.
If you wish to report a new security issue or an update to an advisory, please contact security@shibboleth.net. Alternatively you may file an issue and set the Security Level to "Vulnerability" to keep it confidential.