Since Tails is based on Debian, it takes advantage of all the work done by the Debian security team. As quoted from https://www.debian.org/security/:

Debian 嚴肅地看待安全問㫻, 我們專注地處理任何安全 以確保它們能在合理的時間內達成正確。 許多改善建議與許多其它自由軟廠商協作 以能在弱點公佈的同一時間 我們能馬上有安全稽核小組來檢查檔案庫或是 找出未修復的程式臭蟲。

Experience has shown that "security through obscurity" does not work. Public disclosure allows for more rapid and better solutions to security problems. In that vein, this page addresses Debian's status with respect to various known security vulnerabilities, which could potentially affect Debian.

Current security vulnerabilities

Fixed security vulnerabilities

Security hole in I2P 0.9.13
Posted

Other vulnerabilities solved in included applications