Skip to content

LinkAce

v2.5.7 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 9d Productivity & Wikis
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 1 known CVE

Topics

archive archiving bookmark-manager bookmark-managers bookmarking bookmarks
+4 more
docker laravel php self-hosted

Affected surfaces

auth deps

Summary

AI summary

Bulk‑submitting links now blocks javascript: URLs to prevent injection attacks.

Changes in this release

Security Medium

Disallows javascript: URLs in bulk link submissions

Disallows javascript: URLs in bulk link submissions

Source: llm_adapter@2026-05-25

Confidence: low
Dependency Medium

Updated dependencies

Updated dependencies

Source: llm_adapter@2026-05-25

Confidence: low
Full changelog
  • Security fixes:
    • The bulk-submitting of links now properly disallows javascript: in URLs
  • Dependencies were updated

Security Fixes

  • Bulk link submission disallows javascript: URLs, preventing injection attacks.
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track LinkAce

Get notified when new releases ship.

Sign up free

About LinkAce

LinkAce is a self-hosted archive to collect links of your favorite websites.

All releases →

Related context

Related tools

Beta — feedback welcome: [email protected]