Superset

vdesktop-v1.9.6 scope: desktop Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 19d AI Agents & Assistants

✓ No known CVEs patched

This release patches 1 known CVE

Topics

agentic-ai ai-agents claude-code cli codex coding-agents

+13 more

cursor-agent desktop-app developer-tools electron git-worktree llm mcp opencode orchestration parallel-agents tui vibe-coding worktrees

Affected surfaces

auth rce_ssrf

Summary

AI summary

Fixed simple‑git unsafe environment handling.

Type	Severity	Summary	CVE
Dependency	Medium	bump version to 1.9.5 bump version to 1.9.5 Source: llm_adapter@2026-05-21 Confidence: low	—
Bugfix	Medium	allow relay WSS origin in CSP for canary/prod allow relay WSS origin in CSP for canary/prod Source: llm_adapter@2026-05-21 Confidence: low	—
Refactor	Medium	fix simple-git unsafe env handling fix simple-git unsafe env handling Source: llm_adapter@2026-05-21 Confidence: low	—

Full changelog

chore(desktop): bump version to 1.9.5 by @saddlepaddle in https://github.com/superset-sh/superset/pull/4593
fix(web): allow relay WSS origin in CSP for canary/prod by @AviPeltz in https://github.com/superset-sh/superset/pull/4577
[codex] fix simple-git unsafe env handling by @Kitenite in https://github.com/superset-sh/superset/pull/4602

Full Changelog: https://github.com/superset-sh/superset/compare/desktop-v1.9.5...desktop-v1.9.6

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Track Superset

Get notified when new releases ship.

About Superset

Code Editor for the AI Agents Era - Run an army of Claude Code, Codex, etc. on your machine