Security hub

Security release intelligence

Breaking changes, CVEs, and upgrade notes across security-critical developer tools.

This week

KEV-cited releases

Most-cited: ART

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Are patches keeping up?

90 days

Action Required

View KEV feed

Review required

graphify v0.8.31 Mixed 3h

RCE / SSRF

Hook script hardening + interpreter embedding

Open

Review required

agent-framework dotnet-1.9.0 3h

Auth RBAC

Routine maintenance and dependency updates.

Open

Upgrade now

stagehand @browserbasehq/[email protected] Maintenance 4h

Dependencies

Routine maintenance and dependency updates.

Open

Review required

Superset desktop-v1.12.2 Mixed 5h

Auth RBAC

desktop, terminal, billing, api, relay, projects, pty

Open

Review required

mastra @mastra/[email protected] Breaking risk 6h

Auth RBAC Breaking upgrade

Routine maintenance and dependency updates.

Open

Active KEV

All KEV

No KEV-cited releases in the current window.

High EPSS

All high EPSS

No high-EPSS release patches in the current window.

Recent CVE Patches

Review required

etcd v3.4.45 Breaking risk 2d

Breaking upgrade

Linux, macOS, Docker update

patches CVE-2023-44487

Open

No immediate action

pastefy 7.2.2 Security relevant 4d

Language support + OAuth fix

patches CVE-2025-31125

Open

Review required

streamlit 1.58.0 Security relevant 6d

Auth RBAC

Breaking removals + new features

patches CVE-2023-4863

Open

Review required

ActiveMQ activemq-6.2.6 Breaking risk 7d

Auth RBAC RCE / SSRF

Serializable package removal + hardened access

patches CVE-2016-3088 patches CVE-2016-4437 patches CVE-2021-39144 +5 more

Open

No immediate action

anything-llm v1.13.0 Security relevant 8d

Model Router + Scheduled Jobs + Memories

patches CVE-2025-31125

Open

Security Tool Updates

Security feed

Upgrade now

doco-cd v0.90.1 Security relevant 10h

Auth RBAC

OCI security fix

Open

Monitor

pocketbase v0.22.46 Security relevant 12h

Go action min version bump

Open

Upgrade now

mastodon v4.4.18 Security relevant 13h

Auth RCE / SSRF

Security fixes + media description handling

Open

Upgrade now

filebrowser v2.63.6 Security relevant 16h

Auth RBAC

Security disclosures fixed

Open

Review required

caddy v2.11.4 Security relevant 18h

Auth RBAC

Security patches + deps upgrade

Open

Response-Speed Leaderboard

No response-speed signal has been computed yet.

Supply-Chain Matrix Preview

Open matrix

picomatch

CVE-2026-33671 · High

315 tools

minimatch

CVE-2026-27904 · High

291 tools

minimatch

CVE-2026-27903 · High

289 tools