appsmith

Developer Productivity

An open‑source low‑code platform for rapidly building, deploying and maintaining custom internal applications like dashboards, admin panels and automation tools

Track releases GitHub Website

TypeScript Latest v2.1 · 5d ago Security brief →

Features

Low‑code visual builder for creating custom web apps quickly
Supports multiple deployment options: cloud SaaS, Docker containers, Kubernetes clusters, and AWS AMI
Extensive documentation, tutorials and community resources for onboarding and support

Recent releases

View all 7 releases →

Review required

v2.1 Breaking risk 5d

RCE / SSRF Dependencies Auth +1 more

SSRF filter + Caddy + Supervisord

Open

Review required

v2.0 Breaking risk 13d

RCE / SSRF Auth Dependencies +1 more

Mandatory v1.99 intermediate upgrade

Open

v1.99 Breaking risk 1mo

Security fixes

CVE-2025-70952 (critical)
CVE-2026-33937 (handlebars upgrade)
CVE-2026-22732 (Spring Security HTTP headers)

Notable features

AQL injection prevention in ArangoDB plugin
Reflected XSS prevention in ManualUpgrades

View release on GitHub

v1.98 Security relevant 2mo

Security fixes

Enforced edit permissions for application snapshot deletion (GHSA-g2hc-wmw2-32jr)
Prevented unauthenticated disclosure of instance metadata (APP-14994)
Prevented SQL injection in UQI filter service projection and sortBy columns

Notable features