Security updates are always made for the latest version of CVE Binary Tool.
Older versions often have outdated mechanisms for getting NVD updates and cannot be supported.
Security issues with the tool itself can be reported to Intel's security incident response team via https://intel.com/security.
If in the course of using this tool you discover a security issue with someone else's code, please disclose responsibly to the appropriate party.