Mumble (and Murmur), an End-to-end Encrypted (E2EE) Communication Tool for Voice (Group Chats Included), Likely Withstood Over a Decade Without Security Flaws
A couple of years ago I made a video about Mumble and how I use it, why it is good, and so on. The development process is dynamic and the latest release was on May 19 of this year. I use it a lot (about 10 people), I host it from home, and sometimes whistleblowers use it too (safely leaking material requires E2EE). There are other options for these sorts of things, but I cannot comment on them based on personal experience.
To avoid repetition, as it would be pointless, this article won't explain how Mumble works (this video covers it) but instead point out this security policy: "Depending on the state of the project, version and environments we may patch older versions or support multiple feature versions."
The page suggests the last of all "Security Advisories" was back in 2016 and in the server side, Murmur. Of course it only impacted Windows, which is back-doored anyway (and thus ought not be the server). "It is possible to cause Murmur on Windows to stop receiving UDP packets by sending a crafted UDP packet," it says. Why put the back end on Windows despite all that we know about Microsoft and the NSA?
Prior to this, one must go to 2014 (earlier months) to find a record of Mumble (or Murmur) flaws. This means that in over a decade the 'suite' (Murmur/Mumble) have had no known security problems, at least based on this record from the Mumble Web site.
Security flaws may not be meticulously documented by the official site, so I've researched a bit and found no further evidence of newer flaws. That does not mean none exist; I just cannot see any. That's a good record. █