diff --git a/extras/vpnupgrade.sh b/extras/vpnupgrade.sh
index dcaae74..5a16ae4 100644
--- a/extras/vpnupgrade.sh
+++ b/extras/vpnupgrade.sh
@@ -115,12 +115,23 @@ Version to install: Libreswan $SWAN_VER
 
 EOF
 
+case "$SWAN_VER" in
+  3.19|3.2[0123567])
+cat <<'EOF'
+WARNING: Older versions of Libreswan may contain security vulnerabilities.
+    See: https://libreswan.org/security/
+    Are you sure you want to install an older version?
+
+EOF
+    ;;
+esac
+
 case "$SWAN_VER" in
   3.2[35])
 cat <<'EOF'
 WARNING: Libreswan 3.23 and 3.25 have an issue with connecting multiple
     IPsec/XAuth VPN clients from behind the same NAT (e.g. home router).
-    DO NOT upgrade to 3.23/3.25 if your use cases include the above.
+    DO NOT install 3.23/3.25 if your use cases include the above.
 
 EOF
     ;;
diff --git a/extras/vpnupgrade_centos.sh b/extras/vpnupgrade_centos.sh
index 202a2e1..c9c8783 100644
--- a/extras/vpnupgrade_centos.sh
+++ b/extras/vpnupgrade_centos.sh
@@ -106,12 +106,23 @@ Version to install: Libreswan $SWAN_VER
 
 EOF
 
+case "$SWAN_VER" in
+  3.19|3.2[0123567])
+cat <<'EOF'
+WARNING: Older versions of Libreswan may contain security vulnerabilities.
+    See: https://libreswan.org/security/
+    Are you sure you want to install an older version?
+
+EOF
+    ;;
+esac
+
 case "$SWAN_VER" in
   3.2[35])
 cat <<'EOF'
 WARNING: Libreswan 3.23 and 3.25 have an issue with connecting multiple
     IPsec/XAuth VPN clients from behind the same NAT (e.g. home router).
-    DO NOT upgrade to 3.23/3.25 if your use cases include the above.
+    DO NOT install 3.23/3.25 if your use cases include the above.
 
 EOF
     ;;