MyBB 1.8.6 came out the other day so, here's a thread about it.
What’s added/changed in this version?
This release fixes 5 security vulnerabilities and 51 reported issues causing incorrect functionality of MyBB. Please be aware that not all issues have been fixed in this version in order to provide easy to manage updates.
Medium Risk: Forum password bypass in xmlhttp.php.
Low Risk: SQL Injection in Grouppromotions module (ACP).
Low Risk: Possible XSS Injection in the error handler.
Low Risk: Possible XSS issues in old upgrade files.
Low Risk: Possible Full Path Disclosure in publicly accessible error log files.