Security audit
The Ethereum Foundation and POA Network commissioned ABDK Consulting to audit the source code of Semaphore as well as relevant circuits in circomlib, which contains components which the Semaphore zk-SNARK uses.
The summary of the audit results can be found here. After three rounds of fixes, all security and performance issues were fixed, and the few remaining issues are minor and do not affect security.