Skip to content

lyonzin/knowledge-rag

v3.1.1 Security

This release includes 4 security fixes for security teams reviewing exposed deployments.

Published 2mo MCP Developer Tools
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 4 known CVEs

Topics

antigravity claude claude-code claude-code-cli codex cursor-ai
+14 more
document-search hybrid-search inteligencia-artificial knowledge-base local-ai mcp mcp-server llm rag-chatbot rag-pipeline reranking retrieval-augmented-generation semantic-search vector-db

Affected surfaces

breaking_upgrade

Summary

AI summary

Fixed markdown chunking bugs that caused code‑block comments and tiny header‑only chunks to be split incorrectly.

Full changelog

Fixes

Markdown Chunker (critical quality fix)

  • Code-block protection: # comments inside code fences no longer split as markdown headers
  • Split by ##/### only: # (H1) was catching shell comments and code — now ignored
  • Min chunk size 100 chars: Header-only chunks (32-53 chars of junk) now merge with next section
  • Result: c2-operations doc goes from 32 chunks (12 junk) → 17 chunks (0 junk)

New

  • AAR category: documents/aar/ maps to category "aar" (was "general")
  • 14 CVE aliases: PrintNightmare↔CVE-2021-34527, EternalBlue↔MS17-010, PwnKit↔CVE-2021-4034, Log4Shell↔CVE-2021-44228, ZeroLogon↔CVE-2020-1472, PetitPotam, CertiFried, noPac, ProxyLogon, ProxyShell

Upgrade

pip install --upgrade knowledge-rag

After upgrade, run reindex_documents(full_rebuild=true) to reprocess all documents with the fixed chunker.

Full Changelog

https://github.com/lyonzin/knowledge-rag/compare/v3.1.0...v3.1.1

Security Fixes

  • CVE-2021-34527
  • CVE-2021-4034
  • CVE-2021-44228
  • CVE-2020-1472
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track lyonzin/knowledge-rag

Get notified when new releases ship.

Sign up free

About lyonzin/knowledge-rag

Local RAG system for Claude Code with hybrid search (BM25 + semantic), cross-encoder reranking, markdown-aware chunking, query expansion, and 12 MCP tools. Runs entirely offline with zero external servers.

All releases →

Related context

Beta — feedback welcome: [email protected]