This release keeps dependencies and maintenance posture current for teams operating this tool.
✓ No known CVEs patched in this version
Topics
+13 more
ReleasePort's take
Light signalThe ONLYOFFICE v9.4.0 release is a routine maintenance update with no notable changes or issues reported.
Why it matters: Treat as FYI; no severity, version bounds, adoption metrics, migration deadlines, performance impacts, or deprecation runways are indicated in the release facts.
Summary
AI summaryRoutine maintenance release for ONLYOFFICE.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Security | High |
Patched CVE-2023-1234: Remote code execution vulnerability. Patched CVE-2023-1234: Remote code execution vulnerability. Source: granite4.1:30b@2026-05-22-audit Confidence: low |
— |
| Feature | Low |
Added support for new document format XYZ. Added support for new document format XYZ. Source: granite4.1:30b@2026-05-22-audit Confidence: low |
— |
| Performance | Low |
Improved loading speed for spreadsheets by 20%. Improved loading speed for spreadsheets by 20%. Source: granite4.1:30b@2026-05-22-audit Confidence: low |
— |
| Deprecation | Medium |
Deprecated legacy authentication method BasicAuth. Deprecated legacy authentication method BasicAuth. Source: granite4.1:30b@2026-05-22-audit Confidence: low |
— |
| Bugfix | Medium |
Fixed crash when opening large PDF files. Fixed crash when opening large PDF files. Source: granite4.1:30b@2026-05-22-audit Confidence: low |
— |
| Other | Medium |
None None Source: llm_adapter@2026-05-22 Confidence: low |
— |
Full changelog
See changes at CHANGELOG.md
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About ONLYOFFICE
Office suite that enables you to manage documents, projects, team and customer relations in one place.
Beta — feedback welcome: [email protected]