Skip to content

Feeds

Subscribe to one feed, track every tool under it. Feeds are grouped by audience so you can stack what matters and ignore the rest.

Security releases

Past 7 days

Security insights
Upgrade now
freescout 1.8.225 Security relevant
Auth RCE / SSRF Dependencies

Path traversal fix + CVE patches

Open
Upgrade now
Podman v5.8.3 Security relevant
RCE / SSRF

CVE-2026-44517 fix

Open
Upgrade now
Hasura v2.45.5 Security relevant

Security fix + server/data connector bugs

Open
Upgrade now
opentofu v1.11.9 Security relevant
Auth RCE / SSRF

SSH security fixes

Open
Upgrade now
opentofu v1.12.2 Security relevant
Auth RCE / SSRF

Security fixes

Open
Review required
Scoold 1.69.0 Security relevant
Auth RBAC

Security hardening

Open
Review required
FileRise v3.15.0 Security relevant
Auth RBAC

Shared-folder boundary hardening

Open
Upgrade now
SQLPage v0.44.1 Security relevant
Auth

OIDC protected path bypass fix

Open
Config change
Oikos v0.71.12 Security relevant
Auth

OIDC email verification strictness

Open
Upgrade now
wekan v9.37 Security relevant
Auth RBAC

BoardBleed fix

Open
Upgrade now
Vvveb CMS 1.0.8.6 Security relevant
Auth RCE / SSRF

XSS fixes + filename filter

Open
Config change
budibase 3.39.13 Security relevant
Auth

Login IP lockout

Open
Upgrade now
perry v0.5.1159 Security relevant
RCE / SSRF

Path‑traversal fix

Open
Upgrade now
langchain langchain-model-profiles==0.0.6 Security relevant
Dependencies

CVE-2026-4539 security fix

Open
Upgrade now
wekan v9.36 Security relevant
Auth

TokenBleed fix + API expansions

Open
Upgrade now
wiredoor v1.7.2 Security relevant
Dependencies

Security fixes

Open
Review required
Flyimg 1.12.1 Security relevant
Dependencies

Dependency updates

Open
Review required
Oikos v0.70.2 Security relevant
Auth RCE / SSRF

WebDAV security hardening

Open
Review required
Tapflow v0.8.0-next.2 Security relevant
Dependencies

CVE-2026-9277 fix

Open
Review required
Jenkins jenkins-2.568 Security relevant

Security fixes

Open
Review required
great_cto v2.65.1 Security relevant
Auth

CSRF mitigation

Open
Upgrade now
SoulSync 2.6.9 Security relevant
Auth

Server‑side PIN enforcement + secret masking

Open
Upgrade now
Cronicle v0.9.118 Security
Dependencies

shell-quote bump

Open
Upgrade now
langroid 0.65.3 Security relevant
RCE / SSRF

Sender verification in handle_message

Open
Upgrade now
langroid 0.65.2 Security relevant
RCE / SSRF

RCE fix in pandas eval

Open
Upgrade now
langroid 0.65.1 Security relevant
RCE / SSRF

SQL function‑name blocklist bypass fix

Open
Upgrade now
fireshare v1.6.16 Security relevant
Auth RCE / SSRF

SSRF fix

Open
Review required
Oikos v0.68.1 Security relevant
Auth RCE / SSRF

Documents preview hardening

Open
No immediate action
grafana v12.2.9 Security relevant

CVE fixes + Docker + Go update

Open
Upgrade now
Medialyze v0.15.0 Security relevant
Dependencies

Starlette update + duplication comparison

Open
Review required
Oikos v0.67.5 Security relevant
Auth

CSP + referrer policy

Open
Upgrade now
BookStack v26.05.1 Security relevant
Auth RCE / SSRF

Attachment leak + file protocol abuse

Open
Review required
Froxlor 2.3.8 Security relevant
Auth

CSRF token validation

Open
Monitor
Oikos v0.66.2 Security relevant
Crypto / TLS

Secure avatar color selection

Open
Upgrade now
coder v2.33.7 Security relevant
Dependencies RCE / SSRF

CVE fixes + aibridge header fix

Open

Beta — feedback welcome: [email protected]