Skip to content

Release history

Wagtail releases

Django content management system focused on flexibility and user experience.

Back to tool Latest release

All releases

15 shown

No immediate action
v7.4.1 Bugfix

Missing file restored

Open
v7.4 Breaking risk
⚠ Upgrade required
  • Django version must be >=4.3 (Django 4.2 support removed)
  • Project template Dockerfile now builds dependencies in a separate stage
  • Node.js upgraded to active LTS version 24 with Jest, Storybook, and ESLint updates
Breaking changes
  • Removed support for Django 4.2
Security fixes
  • CVE-2026-44197: Improper permission handling when comparing revisions
  • CVE-2026-44198: Improper permission handling when viewing page history
  • CVE-2026-44199: Improper permission handling when deleting form submissions
Notable features
  • Added `is_deferred_validation` flag to skip custom validation when saving drafts
  • Added `include_root` parameter to admin pages API endpoint
  • Added Flourish and Heyzine oEmbeds support
Full changelog
  • Add is_deferred_validation flag to support skipping custom validation when saving drafts (Daniel Kirkham)
  • Update project template Dockerfile to build dependencies in a separate stage (Brylie Oxley, Akshat Gupta)
  • Add include_root parameter to admin pages API endpoint (Divyansh Mishra)
  • Add support for Flourish oEmbeds (Garrett Coakley)
  • Add support for Heyzine oEmbeds (Baptiste Darthenay)
  • Allow specifying creation_form_class on ChooserViewSet as a dotted path string (K Adithya)
  • Various user experience improvements to autosave and concurrent editing notifications (Sage Abdullah)
  • Allow validation of required StreamField blocks to be deferred on saving drafts (Sage Abdullah)
  • Add WAGTAILDOCS_MAX_UPLOAD_SIZE setting for specifying maximum document file size (Om Harsh)
  • Set the project template WAGTAILDOCS_MAX_UPLOAD_SIZE to 10MB (Thibaud Colas)
  • Optimize combining of querysets in site history report (Alex Bridge)
  • Add more informative error for format-* operations on SVG images (Ankit Kumar)
  • Store preview data in new FormState model to improve compatibility with cookie-based sessions (Sage Abdullah)
  • Change StreamBlock options so groups are shown in declaration order of their blocks (Darshan Kerkar)
  • Add WAGTAILADMIN_PAGE_SEARCH_FILTER_BY_PERMISSIONS setting to disable permission filtering on page searches (Matt Westcott)
  • Use choice label when displaying choice fields in SnippetViewSet/ModelViewSet's list_display (Srishti Jaiswal)
  • Add new content check empty-meta-description to validate meta description tags are not empty (Thibaud Colas)
  • Add extractMetrics method to PreviewController to retrieve content metrics from the preview panel (Thibaud Colas)
  • Refine hover / focus styles for title field’s comment button (Srishti Jaiswal)
  • Preserve "Collapse all" button state when switching between editor tabs (Raghad Dahi)
  • Upgrade modelsearch to 1.3 (Matt Westcott)
  • Implement checker error highlights within the preview panel (Thibaud Colas)
  • Add routablefullpageurl template tag (Pravin Kamble)
  • Add support for customizing page explorer views per page type using PageViewSet (Sage Abdullah)
  • Enhance page content type usage view with custom listings and ability to create new pages (Sage Abdullah)
  • Fix: CVE-2026-44197: Improper permission handling when comparing revisions (Seoyoung Kang, Jake Howard)
  • Fix: CVE-2026-44198: Improper permission handling when viewing page history (Seoyoung Kang, Jake Howard, Dan Braghis)
  • Fix: CVE-2026-44199: Improper permission handling when deleting form submissions (Vishal Shukla, Jake Howard)
  • Fix: CVE-2026-44200: Improper permission handling when copying pages (Sanjok Karki, Matt Westcott)
  • Fix: CVE-2026-44201: Improper restriction handling on Documents and Images API (Sanjok Karki, Jake Howard)
  • Fix: Handle nested inline models when displaying object usage information (Sage Abdullah, Kacper Walęga, Tian Jie Wong)
  • Fix: Avoid duplicate get_object() DB query in API detail view (Siddheshwar Kadam)
  • Fix: Ensure ImageBlock alt text populates on choosing a new image after unchecking decorative state (Pratham Jaiswal)
  • Fix: Set verbose_name_plural for Query model in search promotions app (Saptami)
  • Fix: Truncate overly long task names in workflow admin view (Gaurav Takhi)
  • Fix: Hide "Add child page" button when no child pages can be created as per max_count or max_count_per_parent (Lasse Schmieding)
  • Fix: Prevent multiple child pages with max_count_per_parent being moved under one parent (James Biggs)
  • Fix: Use POST instead of DELETE in Cloudflare Frontend Cache Backend (Tom Usher)
  • Fix: Handle null values for title, author name or provider name in OEmbed responses (Baptiste Darthenay)
  • Fix: Preserve original data types from ChoiceBlock choices in block values (Devarshi Mani Tripathi)
  • Fix: Fix translation sync logic for django-treebeard 5.0.2 (Matt Westcott)
  • Fix: Correctly HTML-escape page title in approval/rejection notification emails (Matt Westcott)
  • Fix: Correctly HTML-escape URL in photo type oembeds (Thibaud Colas)
  • Fix: Ensure user with appropriate permissions can cancel a workflow task (Dan Braghis)
  • Fix: Ensure "submit to workflow" menu item uses the workflow name when creating pages (Sage Abdullah)
  • Fix: Better align page descriptions in add subpage views (Tibor Leupold)
  • Fix: Correctly close the Pages menu panel when clicking sidebar search (Divyansh Mishra)
  • Docs: Add documentation for the filter_spec parameter of ImageRenditionField (Soumya-codr)
  • Docs: Add guide for testing document upload forms (Wenli Tsai, Bhavesh Sharma)
  • Docs: Document the nested_default_fields attribute on API viewsets (Deepanshu Tevathiya)
  • Docs: Replace http with https in example URLs (Kunal Gupta)
  • Docs: Use pathlib.Path for settings in "Integrating into Django" documentation (Kunal Gupta)
  • Docs: Clarify example of how to implement custom embed finders (Naman Sharma S)
  • Docs: Add documentation for using the ReferenceIndex API (Saptami)
  • Docs: Retitle documentation page for settings contrib module to "Settings models" (Karl Hobley)
  • Docs: Fix typos and minor grammar issues (Kunal Gupta)
  • Docs: Correct references to macOS and POSIX shell in tutorial (Ankit Kumar)
  • Docs: Add PowerShell setup instructions to tutorial and correct method versus property terminology (Mustansir Dabhiya)
  • Docs: Fix ordering of image rendition documentation (Seb Corbin)
  • Docs: Remove references to now-addressed Django accessibility issues (Nirmal Kumar)
  • Docs: Add content personalization how-to guide (Thibaud Colas)
  • Docs: Add new package maintenance guidelines (Thibaud Colas)
  • Docs: Fix use of format_html in insert_global_admin_js example (Lasse Schmieding)
  • Docs: Mention front-end component names in Sphinx docs for discoverability (Aditya Kammati)
  • Docs: Clarify the icon template tag is only for admin views (Aditya Kammati)
  • Docs: Add documentation for generic published and unpublished signals (Kunal Hemnani)
  • Docs: Improve organization of signals reference docs (Sage Abdullah)
  • Docs: Add documentation for overriding the default user avatar image (Aviral Sapra)
  • Docs: Document how list_export in reports accepts a dotted path for nested attribute resolution (mikko2577)
  • Docs: Update audit log actions docs to cover all currently-logged actions (Thibaud Colas)
  • Docs: Document more approaches to mitigating untrusted file uploads when storing and serving documents (Thibaud Colas)
  • Docs: Clarify default value for for WAGTAILDOCS_SERVE_METHOD (Thibaud Colas)
  • Docs: Document security reporting policy about runtime vs. development dependencies (Thibaud Colas)
  • Docs: Add reference documentation for wagtail.admin.ui.tables (Sage Abdullah)
  • Maintenance: Removed support for Django 4.2
  • Maintenance: Fix LocaleController test failures caused by differing timezone representations between Node versions (Saptami, Matt Westcott)
  • Maintenance: Fix frontend coverage upload to Codecov (Sage Abdullah)
  • Maintenance: Update semgrep to 1.150.0 (Pravin Kamble)
  • Maintenance: Fix hash_filelike test case to account for line break differences on Windows (Mustansir Dabhiya)
  • Maintenance: Fix temporary file handling in redirect import tests on Windows (Mustansir Dabhiya)
  • Maintenance: Fix use of platform-specific date formatting in edit handler tests (Mustansir Dabhiya)
  • Maintenance: Bump Node.js to 24 (active LTS), upgrade Jest and Storybook (Sage Abdullah)
  • Maintenance: Use Docker Elasticsearch images for GitHub CI instead of unofficial actions (Matt Westcott)
  • Maintenance: Make LocaleController tests robust against changes to timezone data in Node (Sage Abdullah)
  • Maintenance: Fix PermissionError on document serve tests under Windows (Matt Westcott)
  • Maintenance: Update JavaScript linting to ESLint 9, with updated linting rules and related fixes (Sage Abdullah)
  • Maintenance: Replace Puppeteer with Playwright for integration tests (Sage Abdullah)
  • Maintenance: Upgrade to latest Sass with changes for deprecated if syntax (Sage Abdullah)
  • Maintenance: Add explicit timeout-minutes to GitHub Actions workflow jobs (Ashutosh)
  • Maintenance: Upgrade Python tooling, testing, and docs dependencies (Sage Abdullah)
  • Maintenance: Support skipping transaction unit tests with a tag (Sage Abdullah)
  • Maintenance: Remove unreachable code in wagtail.py (Oluwagbeminiyi Agbedejobi)
  • Maintenance: Upgrade django-treebeard dependency to 4.8-5.x (Samir Shah)
  • Maintenance: Clean up JSDoc & ordering of values in SwapController (LB (Ben Johnston))
  • Maintenance: Refactor accessibility checker code to use generic content checker terminology (Thibaud Colas)
  • Maintenance: Upgrade BeautifulSoup dependency to >=4.13.3 (Matt Westcott)
  • Maintenance: Make sphinx_llms.txt extension optional when building docs (Sage Abdullah)
  • Maintenance: Refactor handling of invalid form submissions in choosers (Sage Abdullah)
  • Maintenance: Switch StreamField block rendering to use w-block- prefixes for block type class names (Kalash Kumari Thakur)
  • Maintenance: Upgrade CodeQL security scanning to cover more parts of the codebase (Thibaud Colas)
  • Maintenance: Upgrade django-modelcluster to 6.5 to fix issues with duplicated inline children (Alex Tomkins, Matt Westcott)
View release on GitHub
v7.3.2 Security relevant
Security fixes
  • Improper permission handling when comparing revisions (CVE not provided)
  • Improper permission handling when viewing page history (CVE not provided)
  • Improper permission handling when deleting form submissions (CVE not provided)
Full changelog
  • Security fix: Improper permission handling when comparing revisions (Seoyoung Kang, Jake Howard)
  • Security fix: Improper permission handling when viewing page history (Seoyoung Kang, Jake Howard, Dan Braghis)
  • Security fix: Improper permission handling when deleting form submissions (Vishal Shukla, Jake Howard)
  • Security fix: Improper restriction handling on Documents and Images API (Sanjok Karki, Jake Howard)
  • Security fix: Improper permission handling when copying pages (Sanjok Karki, Matt Westcott)
  • Fix: Use protocol-relative URLs in the userbar for compatibility with environments where Django does not detect the protocol (Sage Abdullah)
  • Fix: Index the contents of image descriptions as well as titles, for CMS search (Advik Sharma)
  • Fix: Avoid creating a new editing session when updating UI elements after an autosave (Sage Abdullah)
  • Fix: Group audit log entries for autosave operations in page history view (Sage Abdullah)
  • Fix: Retain page explorer header buttons when searching or filtering (Sage Abdullah)
  • Fix: Correctly escape the sizes attribute in responsive image template tags (Jake Howard)
  • Fix: Add accessible label to userbar aside element for accessibility (Kalash Kumari Thakur)
  • Fix: Pause SessionController pings during autosave to prevent conflict notification with own session (Sage Abdullah)
  • Fix: Ensure live preview does not get stuck when edits occur during an in-progress update (Aniket Singh)
  • Fix: Ensure only one autosave request can happen at a time to prevent incorrect conflict notifications with the current session (Sage Abdullah)
  • Fix: Prevent incorrect concurrent editing conflict notifications when doing a manual save (Sage Abdullah)
View release on GitHub
v7.0.7 Security relevant
Security fixes
  • Improper permission handling when comparing revisions
  • Improper permission handling when viewing page history
  • Improper permission handling when deleting form submissions
Full changelog
  • Security fix: Improper permission handling when comparing revisions (Seoyoung Kang, Jake Howard)
  • Security fix: Improper permission handling when viewing page history (Seoyoung Kang, Jake Howard, Dan Braghis)
  • Security fix: Improper permission handling when deleting form submissions (Vishal Shukla, Jake Howard)
  • Security fix: Improper restriction handling on Documents and Images API (Sanjok Karki, Jake Howard)
  • Security fix: Improper permission handling when copying pages (Sanjok Karki, Matt Westcott)
  • Fix: Index the contents of image descriptions as well as titles, for CMS search (Advik Sharma)
  • Fix: Correctly escape the sizes attribute in responsive image template tags (Jake Howard)
  • Fix: Add accessible label to userbar aside element for accessibility (Kalash Kumari Thakur)
  • Fix: Prevent incorrect concurrent editing conflict notifications when doing a manual save (Sage Abdullah)
View release on GitHub
v7.3.1 Security relevant
Security fixes
  • CVE-2026-28222 — Improper escaping of HTML in TableBlock class attributes (Cross‑site Scripting).
  • CVE-2026-28223 — Improper escaping of HTML in simple_translation admin interface (Cross‑site Scripting).
Full changelog
  • Fix: CVE-2026-28222: Improper escaping of HTML (Cross-site Scripting) on TableBlock class attributes (Guan Chenxian, Matt Westcott)
  • Fix: CVE-2026-28223: Improper escaping of HTML (Cross-site Scripting) in simple_translation admin interface (Guan Chenxian, Matt Westcott)
  • Fix: Update dependencies to allow django-modelsearch 1.2 and django-tasks 0.11
  • Fix: Fix duplicate inline panel items when editing snippets with autosave enabled (Sage Abdullah)
  • Fix: Prevent dropdowns from closing after a successful autosave (Sage Abdullah)
  • Fix: Show placeholder image icons when image upload previews fail (Collins Kubu)
  • Fix: Ensure that 'create' form within choosers is not hidden on validation errors (Ankit Chaudhary)
  • Maintenance: Update semgrep to 1.150.0 (Pravin Kamble)
View release on GitHub
v7.2.3 Security relevant
Security fixes
  • CVE-2026-28222 — Improper escaping of HTML causing XSS in TableBlock class attributes
  • CVE-2026-28223 — Improper escaping of HTML causing XSS in simple_translation admin interface
Full changelog
  • Fix: CVE-2026-28222: Improper escaping of HTML (Cross-site Scripting) on TableBlock class attributes (Guan Chenxian, Matt Westcott)
  • Fix: CVE-2026-28223: Improper escaping of HTML (Cross-site Scripting) in simple_translation admin interface (Guan Chenxian, Matt Westcott)
  • Maintenance: Update semgrep to 1.150.0 (Pravin Kamble)
View release on GitHub
v7.0.6 Security relevant
Security fixes
  • CVE-2026-28222 — Improper escaping of HTML (Cross-site Scripting) on TableBlock class attributes
  • CVE-2026-28223 — Improper escaping of HTML (Cross-site Scripting) in simple_translation admin interface
Full changelog
  • Fix: CVE-2026-28222: Improper escaping of HTML (Cross-site Scripting) on TableBlock class attributes (Guan Chenxian, Matt Westcott)
  • Fix: CVE-2026-28223: Improper escaping of HTML (Cross-site Scripting) in simple_translation admin interface (Guan Chenxian, Matt Westcott)
View release on GitHub
v6.3.8 Security relevant
Security fixes
  • CVE-2026-28222 — Improper escaping of HTML (Cross-site Scripting) on TableBlock class attributes
  • CVE-2026-28223 — Improper escaping of HTML (Cross-site Scripting) in simple_translation admin interface
Full changelog
  • Fix: CVE-2026-28222: Improper escaping of HTML (Cross-site Scripting) on TableBlock class attributes (Guan Chenxian, Matt Westcott)
  • Fix: CVE-2026-28223: Improper escaping of HTML (Cross-site Scripting) in simple_translation admin interface (Guan Chenxian, Matt Westcott)
View release on GitHub
v7.0.5 Breaking
Breaking changes
  • Removed the upper bound on the Pillow dependency, allowing any newer versions.
Changelog
  • Remove upper bound on Pillow dependency (Kunal Hemnani)
View release on GitHub
v6.3.7 Breaking
Breaking changes
  • Removed upper version constraint for Pillow dependency
Changelog
  • Remove upper bound on Pillow dependency
View release on GitHub
v7.3 Security relevant
Security fixes
  • CVE-2026-25517: Improper permission handling on admin preview endpoints
Full changelog
  • Add support for Django 6.0
  • Resize overly large avatar images on upload (Harshit Ranjan)
  • Add natural keys for Page and Collection models (Samya Aggarwal)
  • Add Loom oEmbed provider (Nick Ivons)
  • Add ModelViewSet.pk_path_converter with defaults for IntegerField and UUIDField primary keys (Seb Corbin)
  • Improve accessibility for sidebar menu with visual active (expanded) menu item indicators (Vignesh Shivhare)
  • Add before_edit_setting / after_edit_setting hooks (Baptiste Mispelon)
  • Lower default AVIF encoding quality from 80 to 73 (Thibaud Colas)
  • Provide a structured rendering of StreamBlock in comparison view (Taras Panasiuk)
  • Add support for settings and custom block layouts for StructBlock (Sage Abdullah)
  • Add llms.txt versions of the developer documentation and Wagtail user guide (Thibaud Colas)
  • Lower default JPEG and AVIF image quality settings to provide consistent perceptual quality between formats (Thibaud Colas)
  • Add support for custom content checks with client-side registration (Thibaud Colas)
  • Initial support for autosave (Matt Westcott, Sage Abdullah)
  • Fix: Do not try to resolve locale during fixture load (Jake Howard, Seb Corbin)
  • Fix: Gracefully handle oEmbed responses with a non-200 status or missing type (Shivam Kumar, Bhavesh Sharma)
  • Fix: Keep action button labelled as "Publish" rather than "Schedule to publish" if go-live date has passed (Vishrut Ramraj)
  • Fix: Pass accumulated icons to each register_icons hook (Joey Jurjens, Sage Abdullah)
  • Fix: Skip revisions that are missing the specified field in StreamField migrations (Joshua Munn)
  • Fix: Preserve listing search and filter parameters when redirecting from bulk actions (Sage Abdullah)
  • Fix: Ensure that object references within TypedTableBlock are counted in the reference index (Aman Bora)
  • Fix: Fix slug auto-generation when slug field is omitted from page edit form (Pravin Kamble)
  • Fix: Ensure request.is_preview and request.preview_mode are set for password-required responses (Ishtpreet Singh)
  • Fix: Optimise storage of redirect paths containing Unicode characters and ensure percent-encoded characters are matched case-insensitively (Andy Babic, Florin Barnea, Aman Bora, Matt Westcott)
  • Fix: Ensure that reference index records are deleted when the target object is deleted (bettercallok)
  • Fix: Ensure filters are applied to export button URLs in custom page listings (Ritik Arya, Sage Abdullah)
  • Fix: Prevent conflicting IDs in nested StructBlocks with blocks named content (Sage Abdullah, Serkan Korkusuz)
  • Fix: CVE-2026-25517: Improper permission handling on admin preview endpoints (thxtech, Matt Westcott, Jake Howard)
  • Docs: Recommend running purge_embeds after an embed provider changes policies (Paul Souders)
  • Docs: Document WAGTAILIMAGES_FORMAT_CONVERSIONS in the settings docs (David Buxton)
  • Docs: Wording changes to Draftail extension docs to improve searchability (Lasse Schmieding)
  • Docs: Fix StreamField param name (Baptiste Mispelon)
  • Docs: Clarify that before_delete_page and similar hooks only trigger on the individual page view, not bulk actions (Shivam Kumar)
  • Docs: Clarify template location in custom user model documentation (Akhil Muraleedharan)
  • Docs: Improve signposting for contributor docs (Matt Westcott)
  • Docs: Add mention of novalidate attribute in form builder docs (Thibaud Colas)
  • Docs: Fix formatting for PageQuerySet.prefetch_related performance note (Lasse Schmieding)
  • Docs: Fix path to search.html in tutorial (Lee Hart)
  • Docs: Grammar fixes to contributor guidelines (Biswajeet Yadav)
  • Docs: Mention punctuation is unsupported in paths for RoutablePageMixin (Tibor Leupold)
  • Docs: Various typo and grammar fixes (Mustansir Dabhiya)
  • Docs: Improve instructions for building documentation on Windows (Mustansir Dabhiya)
  • Docs: Provide recommended image quality settings for common use cases (Thibaud Colas)
  • Docs: Add detailed documentation on reordering within generic listing view (Ankit Chaudhary)
  • Docs: Document early notification process for security releases (Jake Howard)
  • Docs: Remove mention of Wagtailtrans from internationalization docs (Andreas Nüßlein)
  • Maintenance: Dropped support for Django 5.1
  • Maintenance: Updated NPM packages (LB (Ben) Johnston)
  • Maintenance: Rationalize front-end linting tasks and run concurrently (LB (Ben) Johnston)
  • Maintenance: Add a basic set of Storybook stories for the Stimulus Autosize controller (LB (Ben) Johnston)
  • Maintenance: Remove use of _WAGTAILSEARCH_FORCE_AUTO_UPDATE in search tests (Matt Westcott)
  • Maintenance: Add unit test for SubmitController error handling (LB (Ben) Johnston)
  • Maintenance: Improve nightly release upload scripts (Jake Howard)
  • Maintenance: Upload redundant latest.whl nightly build for ease of use with package managers (Sage Abdullah)
  • Maintenance: Move MANIFEST.in settings into pyproject.toml (Pravin Kamble)
  • Maintenance: Fix linting rules B006 and B904 (Vivek Subramani, Matt Westcott)
  • Maintenance: Remove jQuery dependency for image URL generator (LB (Ben) Johnston)
  • Maintenance: Upgrade to django-modelcluster 6.4.1 for Django 6.0 compatibility (Matt Westcott)
  • Maintenance: Refactor CreateView/EditView validation logic to support non-form validation (Matt Westcott)
  • Maintenance: Formalized support for Django 6.0 (Pravin Kamble)
  • Maintenance: Add no-jquery ESLint plugin to start final deprecation of jQuery (LB (Ben) Johnston)
  • Maintenance: Add mode value to w-teleport to allow different DOM update strategies (Sage Abdullah)
  • Maintenance: Ignore 'build' dir when running ESLint (Matt Westcott)
  • Maintenance: Upgrade to django-tasks 0.11.0 for Django 6.0 and Python 3.11 compatibility (Guilhem Saurel)
  • Maintenance: Switch userbar items to the template components API (Thibaud Colas)
View release on GitHub
v7.2.2 Security relevant
Security fixes
  • CVE-2026-25517 — Improper permission handling on admin preview endpoints
Full changelog
  • Fix: Prevent conflicting IDs in nested StructBlocks with blocks named content (Sage Abdullah, Serkan Korkusuz)
  • Fix: CVE-2026-25517: Improper permission handling on admin preview endpoints (thxtech, Matt Westcott, Jake Howard)
View release on GitHub
v7.1.3 Security relevant
Security fixes
  • CVE-2026-25517 — Improper permission handling on admin preview endpoints
Full changelog
  • Fix: Allow userbar in page previews to render without needing to configure site record (Sage Abdullah)
  • Fix: Disable usage count ordering when searching on documents and images listing views, to prevent unsupported search query (Sage Abdullah)
  • Fix: Prevent conflicting IDs in nested StructBlocks with blocks named content (Sage Abdullah, Serkan Korkusuz)
  • Fix: CVE-2026-25517: Improper permission handling on admin preview endpoints (thxtech, Matt Westcott, Jake Howard)
View release on GitHub
v7.0.4 Security relevant
Security fixes
  • CVE-2026-25517 — Improper permission handling on admin preview endpoints
Full changelog
  • Fix: Prevent error on custom generic create and edit views without a header icon (Sage Abdullah)
  • Fix: CVE-2026-25517: Improper permission handling on admin preview endpoints (thxtech, Matt Westcott, Jake Howard)
View release on GitHub
v6.3.6 Security relevant
Security fixes
  • CVE-2026-25517 — Improper permission handling on admin preview endpoints
Full changelog
  • Fix: Remove ngram parser on MySQL that prevented autocomplete search from returning results (Vince Salvino)
  • Fix: CVE-2026-25517: Improper permission handling on admin preview endpoints (thxtech, Matt Westcott, Jake Howard)
View release on GitHub

Beta — feedback welcome: [email protected]