This release includes 1 security fix for security teams reviewing exposed deployments.
Published 1mo
MCP Data & Storage
✓ No known CVEs patched
This release patches 1 known CVE
Topics
agent-memory-system
anthropic
artificial-intelligence
causal-inference
claude
claude-code
+14 more
claude-code-plugin
cognitive-architecture
cognitive-science
episodic-memory
hopfield-network
llm-memory
long-term-memory
mcp-server
model-context-protocol
neuroscience
persistent-memory
predictive-coding
retrieval-augmented-generation
vector-db
Summary
AI summaryReDoS vulnerability in CamelCase regex fixed.
Full changelog
- fix: format 5 files to pass ruff formatting check
- fix: resolve all CodeQL security alerts + update auto-backfill tests
- fix: resolve ReDoS vulnerability in CamelCase regex (CodeQL py/redos)
- feat: consolidation pipeline, board view, replay tracking, auto-backfill (v3.4.0)
- fix: make .mcp.json work in both plugin and project context
- docs: fix cowork install command to cortex-cowork
- docs: add Cortex-cowork link for Cowork users
- fix: bump marketplace.json version to 3.3.0, update description
- docs: add marketplace installation as recommended setup path
- fix: format embedding_engine.py
- merge: security hardening + setup-project rebuild_profiles fix
- revert: restore original http_launcher.py — PYTHONPATH inherited from env
- fix: setup-project skill adds rebuild_profiles as Phase 2
- fix: viz server inherits CLAUDE_PLUGIN_DATA deps in PYTHONPATH
- security: harden code without touching install flow
- revert: security audit merge — broke marketplace plugin flow
- merge: security audit fixes — verified from bare metal
- fix: setup.sh registers MCP server in ~/.claude.json
- security: fix all findings from audit
- docs: add Getting Started section with installation guide
- docs: add Neural Graph section, update hooks/module counts
- docs: update agent team from 11 to 18 specialists
- fix: Docker — install hooks as cortex user, add CORTEX_RUNTIME env
- feat: discussions in neural graph, conversation viewer, fix all tests
- fix: hooks use exit 0 for skip cases, not exit 1
- fix: format install_hooks.py, remove dead code
- feat: runtime-aware storage, user-level hooks, autonomous setup
- fix: install psycopg before MCP server starts, use correct PYTHONPATH
- revert: remove broken memory neural graph integration (5 commits)
- fix: unified graph uses in-process server + materialized links + batch loading
- fix: single-command setup — DATABASE_URL default, backfill, env propagation
- fix: standalone viz server uses PostgreSQL + navigation API routes
- feat: complete Obsidian-like navigation — timeline, entity detail, live editing
- feat: Obsidian-like knowledge navigation — local graph, backlinks, breadcrumbs
- feat: neural evolution wave 2 — faithful DA RPE, schema acceleration, single-command setup
- chore: clean tasks — 6 development axes, remove 9 obsolete files
- fix: test report issues — checkpoint created_at, narrative cleanup, output caps
- fix: brighten text-dim for readability on dark backgrounds
- feat: dashboard UI updates for v3.2.0 — agent colors, protection rings, team badges
- feat: seamless auto-recall hook + full plugin hook registration
- fix: replace Mermaid with SVG diagrams for consistent rendering
- fix: replace ASCII diagrams with Mermaid for GitHub rendering
Full Changelog: https://github.com/cdeust/Cortex/compare/v3.2.0...v3.4.0
Security Fixes
- CVE‑2026‑XXXXX – ReDoS vulnerability fixed in CamelCase regex (CodeQL py/redos)
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About cdeust/Cortex
Persistent memory for Claude Code grounded in computational neuroscience (41 cited papers)
Related context
Beta — feedback welcome: [email protected]