There are 2 open security issues in bullseye.
2 issues left for the package maintainer to handle:
Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c).
Liblouis 3.21.0 has an out-of-bounds write in compileRule in compileTranslationTable.c, as demonstrated by lou_trace.
You can find information about how to handle these issues in the security team's documentation.