Kanboard is currently in maintenance mode. There is no active feature development, only occasional bug fixes and small improvements.
Private vulnerability reporting on GitHub has been disabled due to a high volume of low-quality, AI-generated reports.
Reviewing these reports takes time away from the people maintaining the project. Most submissions are invalid, theoretical, non-exploitable, require unrealistic conditions, or describe simple bugs rather than real security issues.
Security issues are now treated as regular bugs.