This release includes 1 security fix for security teams reviewing exposed deployments.
Topics
Affected surfaces
Summary
AI summaryUpdates deps, https://github.com/nextcloud/notes/pull/1853, and https://github.com/nextcloud/notes/pull/1834 across a mixed release.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Dependency | Low |
Updates easymde from 2.20.0 to 2.21.0 Updates easymde from 2.20.0 to 2.21.0 Source: llm_adapter@2026-06-02 Confidence: high |
— |
| Dependency | Low |
Updates axios from 1.15.0 to 1.16.0 Updates axios from 1.15.0 to 1.16.0 Source: llm_adapter@2026-06-02 Confidence: high |
— |
| Dependency | Low |
Updates fast-xml-builder from 1.1.5 to 1.2.0 Updates fast-xml-builder from 1.1.5 to 1.2.0 Source: llm_adapter@2026-06-02 Confidence: high |
— |
| Dependency | Low |
Updates php-cs-fixer/shim from 3.94.2 to 3.95.1 Updates php-cs-fixer/shim from 3.94.2 to 3.95.1 Source: llm_adapter@2026-06-02 Confidence: high |
— |
| Bugfix | Medium |
Fixes sharing on older NC versions with files v3 Fixes sharing on older NC versions with files v3 Source: llm_adapter@2026-06-02 Confidence: high |
— |
| Bugfix | Medium |
Fixes npm audit issues Fixes npm audit issues Source: llm_adapter@2026-06-02 Confidence: high |
— |
Full changelog
Fixed
Dependencies
Security Fixes
- [main] Fix npm audit (notes#1834)
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
Beta — feedback welcome: [email protected]