Homelab & Self-Hosted

Self-hosted apps, homelab tools, and home automation platforms.

All Breaking Security Features

Important Recent

← Releases

Upgrade now

fireshare v1.6.14 Security relevant 1h

RCE / SSRF

Command injection fix

Open

Upgrade now

Oikos v0.60.4 Security relevant 10h

ReDoS fix

Open

v0.60.3 (10h) Restricted API access

Upgrade now

filebrowser v2.63.6 Security relevant 19h

Auth RBAC

Security disclosures fixed

Open

Upgrade now

openrundev/openrun](https: v0.17.7 Security relevant 1d

Auth

Open redirect fix

Open

Upgrade now

Oikos v0.57.1 Security relevant 1d

Auth Dependencies

Denial‑of‑service fix

Open

Upgrade now

Nystik-gh/ignis v0.8.3+obsidian.1.12.7 Security relevant 2d

Auth RCE / SSRF

WebSocket security fix

Open

Config change

BlazeUp-AI/Observal](https: v1.4.1 Security relevant 3d

Auth

API key redaction gaps

Open

No immediate action

pastefy 7.2.2 Security relevant 4d

Language support + OAuth fix

patches CVE-2025-31125

Open

Upgrade now

notifuse v32.1 Security relevant 4d

Dependencies Breaking upgrade

liquidjs security bump

Open

Upgrade now

Onyx Community Edition v3.3.10 Security relevant 5d

RCE / SSRF

ReDoS elimination

Open

v4.0.3 (5d) ReDoS elimination

Upgrade now

statistics-for-strava v4.8.4 Security relevant 5d

Auth Breaking upgrade

Log file access fix

Open

Review required

Oikos v0.55.0 Security relevant 5d

Auth

XSS fix in modals

Open

Upgrade now

ClipBucket 5.5.3-#145 Security relevant 5d

Auth RCE / SSRF

Remote code execution fix

Open

Upgrade now

Rackula v0.10.1 Security relevant 5d

Dependencies

CVE‑2026‑8723 fix

Open

Upgrade now

typemill v2.23.1 Security relevant 7d

Dependencies

Library vulnerability fixes

Open

Upgrade now

Pingvin Share X v1.18.1 Security relevant 8d

Auth

TOTP vulnerability patch

Open

Upgrade now

changedetection.io 0.55.6 Security relevant 9d

RCE / SSRF

SSRF fix

Open

Upgrade now

many-notes v0.16.0 Security relevant 9d

RCE / SSRF

Path traversal fix + MIME validation + media format changes

Open

Review required

LinkAce v2.5.7 Security relevant 9d

Auth Dependencies

Blocks javascript URL injection

Open

Review required

Shaarli v0.16.2 Security relevant 11d

Auth RBAC

XSS fixes

Open

Upgrade now

ClipBucket 5.5.3-#136 Security relevant 12d

Auth

SQL injection fix

Open

Security behavior changed

bugsink 2.2.0 Security relevant 13d

Auth RBAC

Project scoping security fixes

Open

Upgrade now

BookStack v26.03.5 Security relevant 13d

Auth

MFA rate limiting

Open

Review required

Pingvin Share X v1.18.0 Security relevant 13d

Dependencies

Security mitigations

Open

Upgrade now

jotty 1.24.0 Security relevant 14d

Dependencies Breaking upgrade

Next.js security fixes

Open

Upgrade now

tugtainer v1.30.2 Security relevant 15d

RCE / SSRF

RCE fix

Open

Review required

0xMassi/webclaw v0.6.3 Security relevant 15d

RCE / SSRF

Core hardened

Open

Upgrade now

solidtime v0.12.2 Security relevant 16d

Auth RBAC

Email exposure fix

Open

Subscribe to this feed

Get Homelab & Self-Hosted releases in your personal feed.

481

Tools

6,944

Releases

Top tools

pocket-id

server

immich

kanboard

uptime-kuma

open-webui

Kyoo

FreshRSS

View all 481 tools →

Browse releases

View all 13 releases →