Skip to content

cdeust/Cortex

v3.17.1 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 7d MCP Data & Storage
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

agent-memory-system anthropic artificial-intelligence causal-inference claude claude-code
+14 more
claude-code-plugin cognitive-architecture cognitive-science episodic-memory hopfield-network llm-memory long-term-memory mcp-server model-context-protocol neuroscience persistent-memory predictive-coding retrieval-augmented-generation vector-db

Affected surfaces

auth

ReleasePort's take

Moderate signal
editorial:auto 7d

The release patches an untrusted dev-source ACE vulnerability (GHSA-gvpp-v77h-5w8g) and adds several wiki processing improvements.

Why it matters: Fixes a high‑severity security flaw with severity score 95; operators should apply the update immediately to protect dev‑source handling.

Summary

AI summary

Security fix, recall and wiki enhancements, graph_quality_scorer bugfix, mcp validation fix, dependency bump.

Changes in this release

Security Critical

Fixes untrusted dev-source ACE vulnerability (GHSA-gvpp-v77h-5w8g).

Fixes untrusted dev-source ACE vulnerability (GHSA-gvpp-v77h-5w8g).

Source: llm_adapter@2026-05-27

Confidence: high
Feature Low

Adds autonomous curation loop with per‑project coverage to wiki.

Adds autonomous curation loop with per‑project coverage to wiki.

Source: llm_adapter@2026-05-27

Confidence: high
Feature Low

Adds auto‑curator that produces wiki‑authoring jobs from PG memory clusters.

Adds auto‑curator that produces wiki‑authoring jobs from PG memory clusters.

Source: llm_adapter@2026-05-27

Confidence: high
Feature Low

Renders Mermaid diagrams in wiki pages.

Renders Mermaid diagrams in wiki pages.

Source: llm_adapter@2026-05-27

Confidence: high
Feature Low

Ports full 42‑scope catalogue from agentic‑ai for parity in wiki.

Ports full 42‑scope catalogue from agentic‑ai for parity in wiki.

Source: granite4.1:30b@2026-05-27-audit

Confidence: low
Feature Low

Expands guides catalogue to 27 canonical scopes in wiki.

Expands guides catalogue to 27 canonical scopes in wiki.

Source: granite4.1:30b@2026-05-27-audit

Confidence: low
Feature Low

Adds installation, troubleshooting, and contributing how‑to scopes to wiki.

Adds installation, troubleshooting, and contributing how‑to scopes to wiki.

Source: granite4.1:30b@2026-05-27-audit

Confidence: low
Feature Low

Adds flow‑diagram canonical section to wiki (parity with agentic‑ai).

Adds flow‑diagram canonical section to wiki (parity with agentic‑ai).

Source: granite4.1:30b@2026-05-27-audit

Confidence: low
Dependency Low

Bumps idna from 3.12 to 3.15 in the uv group across one directory.

Bumps idna from 3.12 to 3.15 in the uv group across one directory.

Source: llm_adapter@2026-05-27

Confidence: high
Performance Low

Never blocks MCP launch or UI load; graph builds only on Graph button click.

Never blocks MCP launch or UI load; graph builds only on Graph button click.

Source: granite4.1:30b@2026-05-27-audit

Confidence: low
Bugfix Medium

Adds bulk_migrate robustness fixes for wiki processing (ADR‑2244 Phase 4.1).

Adds bulk_migrate robustness fixes for wiki processing (ADR‑2244 Phase 4.1).

Source: llm_adapter@2026-05-27

Confidence: high
Bugfix Medium

Filters low‑signal tool‑output captures from default recall results.

Filters low‑signal tool‑output captures from default recall results.

Source: llm_adapter@2026-05-27

Confidence: high
Bugfix Medium

Remembers tool output validation to resolve schema vs handler mismatches in MCP.

Remembers tool output validation to resolve schema vs handler mismatches in MCP.

Source: llm_adapter@2026-05-27

Confidence: high
Bugfix Medium

Skips empty Process pages with symbol_count = 0 in wiki.

Skips empty Process pages with symbol_count = 0 in wiki.

Source: llm_adapter@2026-05-27

Confidence: high
Bugfix Medium

Blocks codebase‑scan dumps from polluting wiki notes.

Blocks codebase‑scan dumps from polluting wiki notes.

Source: llm_adapter@2026-05-27

Confidence: high
Bugfix Low

Refuses transient roots such as worktrees, pytest fixtures, and deps/ in seed processing.

Refuses transient roots such as worktrees, pytest fixtures, and deps/ in seed processing.

Source: granite4.1:30b@2026-05-27-audit

Confidence: low
Bugfix Low

Blocks auto‑captured tool dumps from becoming wiki pages.

Blocks auto‑captured tool dumps from becoming wiki pages.

Source: granite4.1:30b@2026-05-27-audit

Confidence: low
Bugfix Low

Renders Bash stdout/stderr and Edit diffs as readable multi‑line markdown in wiki.

Renders Bash stdout/stderr and Edit diffs as readable multi‑line markdown in wiki.

Source: granite4.1:30b@2026-05-27-audit

Confidence: low
Bugfix Low

Prevents truncation in auto‑capture and strips markdown from page titles in wiki.

Prevents truncation in auto‑capture and strips markdown from page titles in wiki.

Source: granite4.1:30b@2026-05-27-audit

Confidence: low
Full changelog
  • fix(security): GHSA-gvpp-v77h-5w8g — untrusted dev-source ACE (#47)
  • test: add pytest-timeout to surface hanging tests in CI
  • style: ruff format on graph_quality_scorer.py + test_recall.py
  • fix(recall): align handler output with declared outputSchema (#46)
  • fix(graph_quality_scorer): BUG #6 — score AST-derived SYMBOL nodes
  • fix(mcp): remember tool output validation — schema vs handler mismatches (#45)
  • chore(deps): bump idna in the uv group across 1 directory (#44)
  • fix(ci): resolve 3 remaining test failures from the wiki autonomy turn
  • docs(svg): fix architecture diagram layout bugs
  • docs: refresh architecture + team-memory SVGs for 3.17.0
  • feat(wiki): port full 42-scope catalogue from agentic-ai for parity
  • docs(README): rewrite "Write papers in Cortex" with the new editor screenshot
  • feat(wiki): expand guides catalogue to 27 canonical scopes
  • feat(wiki): add installation / troubleshooting / contributing how-to scopes
  • feat(wiki): add flow-diagram canonical section (parity with agentic-ai)
  • docs(README): wire two real wiki screenshots into the wiki section
  • release: v3.17.0 — autonomous wiki curation
  • style: ruff check — remove unused imports + local variable
  • style: ruff format pass + test_auto_curator scope lookup by name
  • feat(wiki): autonomous curation loop with per-project coverage
  • fix(domain): discover repos under ~/Documents/Developments too
  • feat(curate_wiki): wire skip-authored + consolidate stats + SessionStart preamble
  • feat(curate_wiki): auto-curator that produces wiki-authoring jobs from PG memory clusters
  • fix(seed): refuse transient roots (worktrees, pytest fixtures, deps/)
  • feat(viz/wiki): render mermaid diagrams in wiki pages
  • fix(wiki): skip empty Process pages (symbol_count=0) — they have no information
  • fix(wiki): block codebase-scan dumps from polluting wiki notes
  • fix(wiki): block auto-captured tool dumps from becoming wiki pages
  • fix(wiki): render Bash stdout/stderr + Edit diffs as readable multi-line markdown
  • fix(wiki): no truncation in auto-capture + strip markdown from page titles
  • fix(viz): never block MCP launch or UI load — graph builds only on Graph button click
  • fix(recall): filter low-signal tool-output captures from default results (#43)
  • fix(wiki): bulk_migrate robustness fixes from live apply (ADR-2244 Phase 4.1) (#42)

What's Changed

  • fix(wiki): bulk_migrate robustness fixes from live apply (ADR-2244 Phase 4.1) by @cdeust in https://github.com/cdeust/Cortex/pull/42
  • fix(recall): filter low-signal tool-output captures from default results by @cdeust in https://github.com/cdeust/Cortex/pull/43
  • chore(deps): bump idna from 3.12 to 3.15 in the uv group across 1 directory by @dependabot[bot] in https://github.com/cdeust/Cortex/pull/44
  • fix(mcp): remember tool output validation — schema vs handler mismatches by @cdeust in https://github.com/cdeust/Cortex/pull/45
  • fix(security): GHSA-gvpp-v77h-5w8g — untrusted dev-source ACE by @cdeust in https://github.com/cdeust/Cortex/pull/47

Full Changelog: https://github.com/cdeust/Cortex/compare/v3.16.0...v3.17.1

Security Fixes

  • GHSA-gvpp-v77h-5w8g — untrusted dev-source ACE vulnerability fixed
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track cdeust/Cortex

Get notified when new releases ship.

Sign up free

About cdeust/Cortex

Persistent memory for Claude Code grounded in computational neuroscience (41 cited papers)

All releases →

Related context

Beta — feedback welcome: [email protected]