Any vulnerability disclosure policy?

Didn’t find anything in the web page it would be interesting to have some information if a new vulnerable aspect appears.

Thanks in advance