Not all security fixes are backported so unfortunately if you’re concerned about vulnerabilities, updating to the current release OS is a requirement.
If you can deal with known vulnerabilities and cross-reference all of Apple's CVE notes, more power to you. I can't say I have that much free time (Liquid Glass sucks, though).
I never suggested that. But Apple itself prioritizes patches by severity when deciding what to backport.
Some issues are so severe that Apple occasionally releases a new security update for previous OS versions that no longer receive security updates otherwise.
A lot of issues are merely privilege escalation, which is not necessarily a big problem on a personal computer.
Do you think that new major OS versions introduce only fixes and not bugs?
I think version N-1 is a good balance between getting the fixes and avoiding the new bugs.