There is 1 open security issue in bullseye.
1 issue left for the package maintainer to handle:
An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the-middle attackers can pipeline commands after the POP3 STLS command, injecting plaintext commands into an encrypted user session.
You can find information about how to handle this issue in the security team's documentation.