Skip to content

Release history

milvus releases

Milvus is a high-performance, cloud-native vector database built for scalable vector ANN search

Back to tool Latest release

All releases

16 shown

No immediate action
client/v2.6.5 New feature

Nullable vectors + Array updates + Validation

Open
No immediate action
v2.6.17 Maintenance

Routine maintenance and dependency updates.

Open
No immediate action
v2.6.16

Routine maintenance and dependency updates.

Open
client/v2.6.4 New feature
Notable features
  • Struct‑array vector sub‑field column types (ColumnFloatVectorArray, ColumnBinaryVectorArray, etc.)
  • EmbeddingList search vector types for struct‑array fields with MAX_SIM support
  • WithStructArrayColumn helper for insert/upsert and gRPC authority configuration via ClientConfig.WithGrpcAuthority
Full changelog

Highlights

  • Completes Go SDK (client/v2) struct-array support, especially vector sub-fields and EmbeddingList/MAX_SIM search.
  • Fixes custom gRPC DialOptions so they no longer drop the SDK's default keepalive, backoff, and max receive message-size settings.

New Features

  • Struct-array vector sub-field columns: Added vector-array column types for struct-array vector sub-fields: ColumnFloatVectorArray, ColumnFloat16VectorArray, ColumnBFloat16VectorArray, ColumnBinaryVectorArray, and ColumnInt8VectorArray. These support ArrayOfVector sub-fields inside struct arrays. (#49164)

  • EmbeddingList search vector types: Added entity.FloatVectorArray, entity.Float16VectorArray, entity.BFloat16VectorArray, entity.BinaryVectorArray, and entity.Int8VectorArray, dispatching them to the matching PlaceholderType_EmbList* values. This enables MAX_SIM / EmbeddingList search against struct-array vector sub-fields such as clips[clip_emb]. (#49164)

  • Struct-array insert/upsert helper: Added WithStructArrayColumn(name, structSchema, rows) to column-based insert/upsert options. The helper accepts []map[string]any row data and infers scalar/vector sub-column types from the provided struct schema. (#49164)

  • gRPC authority configuration: Added ClientConfig.WithGrpcAuthority(authority) for proxy-based routing through the gRPC :authority header. (#49186)

Bug Fixes

  • Default gRPC dial options are preserved: Client.dialOptions() now always applies DefaultGrpcOpts before user-provided DialOptions, retaining SDK defaults for keepalive, backoff, and max receive message size while still allowing caller overrides. (#49186, issue #48828)

  • Struct-array schema validation: Added Schema.Validate() and StructSchema.Validate() and wired validation into CreateCollection. Invalid struct-array sub-fields are rejected before the RPC, including nested array/struct fields, sparse vector sub-fields, duplicate sub-field names, and top-level-only flags such as primary key, partition key, clustering key, nullable, default value, dynamic, and autoID. (#49164, issue #49163)

  • Struct-array schema round trip: Schema.ReadProto() now restores StructArrayFields, and ProtoMessage() preserves max_capacity by propagating the parent setting to sub-fields when needed. Array / ArrayOfVector wrappers from the server are unwrapped back to user-facing scalar/vector sub-field types. (#49164)

  • Struct-array write correctness: columnStructArray now enforces equal lengths across sub-fields, appends a row atomically with rollback on partial sub-field failure, and serializes top-level struct-array field data as DataType_ArrayOfStruct. (#49164)

  • Vector-array response decoding: Query/search result decoding now handles DataType_ArrayOfVector, validates nil vector rows, validates payload lengths against dimension/width, rejects invalid binary vector dimensions, and preserves vector-array sub-field data in Go column types. (#49164)

  • Builder error handling: WithStructArrayColumn stores construction errors and returns them from InsertRequest / UpsertRequest instead of panicking during chained builder calls. (#49164)

Contributors

  • @zhuwenxing
  • @liliu-z
  • @milanchovatiya-boop
View release on GitHub
v2.6.15 Maintenance

Release note is coming soon...

Changelog

Release note is coming soon...

View release on GitHub
client/v2.6.3 New feature
Security fixes
  • OpenTelemetry upgraded to v1.40.0 to fix CWE-426 (Untrusted Search Path) vulnerability
  • Go runtime upgraded to 1.24.12 to address security CVEs
Notable features
  • TruncateCollection API enabling rapid data removal
  • GetReplicateConfiguration API exposing replication topology
  • Nullable Go pointer fields allow NULL values in row data
View release on GitHub
v2.6.13 New feature
Notable features
  • Native support for Google Gemini text embedding models
  • Consistent KV path and key handling across storage backends
  • Go SDK now includes TruncateCollection for bulk collection cleanup
View release on GitHub
v2.6.12 Security relevant
Security fixes
  • Bumped OpenTelemetry to v1.40.0 to fix CWE-426 untrusted search path vulnerability
Notable features
  • GetReplicateConfiguration API for inspecting replication topology with redacted tokens
  • Configurable TLS minimum version for object storage connections across all backends
  • Automatic warmup for large tenant collections to reduce cold‑start query latency
View release on GitHub
v2.6.11 New feature
Security fixes
  • Upgraded Go to version 1.24.12 and updated gpgv to patch reported CVEs
Notable features
  • Truncate API for efficient collection data removal
  • RESTful search_by_pk endpoint added
  • LoadWithStrategyAsync enables true I/O pipelining in Storage V2
View release on GitHub
v2.5.27 Security relevant
Breaking changes
  • Metrics endpoint now requires authentication when authorization is enabled, breaking existing clients that assumed unauthenticated access.
Security fixes
  • CVE-2026-26190: authentication bypass on metrics port (CVSS 9.8) mitigated
  • Metrics endpoint now requires authentication when authorization is enabled to prevent unauthorized access
Notable features
  • Go runtime upgraded to 1.24.12 fixing multiple CVEs
  • Dependency packages updated to resolve several security issues
View release on GitHub
v2.6.10 Security relevant
Security fixes
  • Fixed critical security vulnerability CVE-2026-26190
  • Added authentication to the metrics endpoint when authorization is enabled
Notable features
  • Automatic FP32-to-FP16/BF16 conversion for search reduces storage usage
  • KMS key revocation stops WAL consumption to protect data integrity
  • Load pool limits segment load concurrency for better resource control
View release on GitHub
v2.5.26 Security relevant
Security fixes
  • Added security controls to the /expr endpoint to prevent remote expression execution vulnerabilities
Notable features
  • gRPC metadata header added for client request time tracking
  • Pulsar client upgraded to version 0.17.0 fixing send buffer race conditions
View release on GitHub
v2.6.9 New feature
Breaking changes
  • Enforced storage V2 format usage and deprecated V1 writes
Security fixes
  • Added security controls for the /expr endpoint to prevent unauthorized access
Notable features
  • Primary key search support
  • Segment reopen on data or schema changes
  • Storage version label metric for observability
View release on GitHub
v2.5.25 Bug fix
Notable features
  • Added automatic retry for object storage rate limit errors
  • Introduced configurable variable-length field size estimation
  • Improved indexing slot allocation accuracy
View release on GitHub
v2.6.8 Security relevant
Breaking changes
  • RootCoord default port changed to a non-ephemeral port
  • Duplicate primary keys are now rejected in upsert batch requests
Security fixes
  • Fixed data security vulnerability in storage handling
  • Addressed concurrency bug that could expose data
Notable features
  • Search result highlighting for documents
  • Concurrent execution of text index tasks for multiple fields
  • Penalty policy for QueryNodes to handle resource exhaustion
View release on GitHub

Beta — feedback welcome: [email protected]