This release includes 2 security fixes for security teams reviewing exposed deployments.
Topics
+11 more
Affected surfaces
Summary
AI summarySecurity fixes address XSS vulnerabilities and link‑schema issues in Markdown.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Security | Medium |
XSS vulnerability in page metadata fixed. XSS vulnerability in page metadata fixed. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: low |
— |
| Security | Medium |
Link schema handling in Markdown security fix applied. Link schema handling in Markdown security fix applied. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: low |
— |
| Feature | Medium |
Generic connectors for the OpenAI and Anthropic APIs added. Generic connectors for the OpenAI and Anthropic APIs added. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: high |
— |
| Feature | Medium |
Public key added to Docker setups with persistent storage. Public key added to Docker setups with persistent storage. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: low |
— |
| Bugfix | Medium |
Mail configuration error fixed. Mail configuration error fixed. Source: granite4.1:8b-q6_K@2026-05-21 Confidence: high |
— |
Full changelog
- Generic connectors for the OpenAI and Anthropic APIs.
- Security fix for XSS vulnerability in page metadata.
- Security fix for link schema handling in Markdown.
- Fixed an error in the mail configuration.
- Added a public key to Docker setups with persistent storage.
Security Fixes
- CVE‑2023‑XXXXX – XSS vulnerability in page metadata
- CVE‑2023‑YYYYY – Link schema handling issue in Markdown
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About typemill
Typemill is a flat-file CMS based on Markdown and designed for informational websites like documentation, manuals, and handbooks.
Beta — feedback welcome: [email protected]