Not sure where else to ask this--has anyone seen or heard anything about SPMC and the recent news that SRT subtitle files downloaded from specific sites can run malicious code in certain media players?

Looks like Kodi released a patch, so did VLC, but the current SPMC is 16.6, and I think the bug fix on Kodi is version 17.2.

I run SubZero on my Plex Media Server and it gets subs from OpenSubtitles, and I'm concerned that those subs may be a threat if run from SPMC.

Any information that anyone can provide is much appreciated!