Raneto

v0.18.1 Security

This release includes 4 security fixes for security teams reviewing exposed deployments.

Published 2mo Productivity & Wikis

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 4 known CVEs

Topics

editor knowledgebase markdown nodejs self-hosted wiki

+1 more

writing

Summary

AI summary

Major update with breaking Node.js minimum requirement change to v24.x LTS, extensive security fixes including path traversal vulnerabilities and XSS prevention, added rate limiting and CSP nonce support, improved authentication flow.

Breaking Changes

Minimum Node.js version is now v24.x LTS

Security Fixes

Path traversal vulnerability
Search ReDoS
XSS prevention in markdown rendering
Prevent error details leakage

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Raneto

Get notified when new releases ship.

About Raneto

Markdown powered Knowledgebase Wiki for Node.js

All releases →

Related context

Related tools

Beta — feedback welcome: [email protected]