Actively supported versions of ChatterBot can be determined using the following table.

ChatterBot uses GitHub's private security vulnerability reporting to accept reports about potential security vulnerabilities.

https://github.com/gunthercox/ChatterBot/security/advisories

To begin the process select the "Report a vulnerability" button on the security advisories page. Once the report has been investigated an response plan will be issued based on the level of severity. A response can generally be expected within 24 hours of report submission.