This release includes 1 security fix for security teams reviewing exposed deployments.
Topics
+12 more
Affected surfaces
ReleasePort's take
Moderate signalCapRover 1.14.2 patches a critical nginx configuration vulnerability.
Why it matters: Patch to version 1.14.2 immediately if using Nginx configurations; CVE severity high (80) and affects all deployments.
Summary
AI summaryHotfix for nginx vulnerability
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Security | High |
Hotfix for nginx vulnerability released in version 1.14.2. Hotfix for nginx vulnerability released in version 1.14.2. Source: granite4.1:30b@2026-05-22-audit Confidence: low |
— |
| Security | Medium |
Hotfix nginx vulnerability addressed in CapRover 1.14.2. Hotfix nginx vulnerability addressed in CapRover 1.14.2. Source: llm_adapter@2026-05-21 Confidence: low |
— |
Full changelog
[1.14.2] - 2026-05-14
- Hotfix nginx vulnerability https://github.com/caprover/caprover/pull/2399
Note: CapRover does not include any rewrite directives that would result in this vulnerability. However, we are publishing this hotfix out of an abundance of caution to protect users who may have manually modified their Nginx config.
Security Fixes
- Hotfix for nginx vulnerability (referencing https://github.com/caprover/caprover/pull/2399)
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
Related context
Related tools
Beta — feedback welcome: [email protected]