Any version of Splinter from 1.0.0 onward is supported. Due to the nature of Splinter there will likely be very few issues that require responsible disclosure, but please reach out to me at:

timthepost@protonmail.com

If you find something that you think could make someone using Splinter in production vulnerable to mishap or bad actors. I usually respond as soon as I can to urgent things like that, but please give me a day or two as I am disabled.