This release includes 5 security fixes for security teams reviewing exposed deployments.
Topics
ReleasePort's take
Moderate signalMisskey 2026.5.4 patches CVE-2026-46712 in the client and resolves a build failure.
Why it matters: Client vulnerability requires immediate patching if Misskey clients are deployed. Update to 2026.5.4 before next production deployment.
Summary
AI summaryUpdates General, Client, and https://github.com/misskey-dev/misskey/security/advisories/GHSA-2m3r-xx7x-63j6 across a mixed release.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Security | Medium |
Fixes CVE-2026-46712 vulnerability. Fixes CVE-2026-46712 vulnerability. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: low |
— |
| Bugfix | Medium |
Resolves build failure issue in client. Resolves build failure issue in client. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: high |
— |
Full changelog
General
- セキュリティに関する修正
- GHSA-2m3r-xx7x-63j6 (CVE-2026-46712)
- GHSA-w8x2-gpq6-jxvf (CVE-2026-46713)
- GHSA-38jx-423m-g387 (CVE-2026-47746)
- GHSA-wmhf-m93m-rgmj (CVE-2026-46714)
- GHSA-j49q-76hx-mv8f (CVE-2026-48115)
Client
- Fix: ビルドに失敗することがある問題を修正
Security Fixes
- GHSA-2m3r-xx7x-63j6 — CVE-2026-46712
- GHSA-w8x2-gpq6-jxvf — CVE-2026-46713
- GHSA-38jx-423m-g387 — CVE-2026-47746
- GHSA-wmhf-m93m-rgmj — CVE-2026-46714
- GHSA-j49q-76hx-mv8f — CVE-2026-48115
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
Beta — feedback welcome: [email protected]