This release includes 1 security fix for security teams reviewing exposed deployments.
Topics
+12 more
ReleasePort's take
Light signalRelease v6.18.1 hardens remote URL validation for improved security.
Why it matters: Patch to v6.18.1 immediately if your environment uses remote URLs; the fix addresses a validated vulnerability in URL handling.
Summary
AI summaryHarden remote URL validation to prevent security vulnerabilities.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Security | High |
Remote URL validation hardened against malicious inputs Remote URL validation hardened against malicious inputs Source: granite4.1:30b@2026-05-24-audit Confidence: low |
— |
| Bugfix | Medium |
Date fieldtype input stops disappearing with underscore locales Date fieldtype input stops disappearing with underscore locales Source: llm_adapter@2026-05-21 Confidence: high |
— |
| Bugfix | Medium |
Remote URL validation strengthens security and robustness Remote URL validation strengthens security and robustness Source: llm_adapter@2026-05-21 Confidence: low |
— |
| Bugfix | Medium |
Scheduled status badge displays correctly in dark mode Scheduled status badge displays correctly in dark mode Source: llm_adapter@2026-05-21 Confidence: low |
— |
Security Fixes
- Harden remote URL validation — mitigates potential injection or open‑redirect attacks
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
Related context
Beta — feedback welcome: [email protected]