If you want to change any server settings, edit /path/to/ServerFiles/sdtdserver.xml Read EVERYTHING to avoid any errors, if you have any problems open a github ticket.
Versions 2.0.6 and earlier silently report zero package CVEs. A query bug made the package vulnerability check fail on every scan and discard the error, so older binaries always show 0 package CVE ...