AdGuard Home | v0.107.77

AdGuard Home v0.107.77 released on 02-06-2026


AdGuard Home v0.107.77 is out now. It fixes a critical authorization path traversal vulnerability in GLiNET mode (CVE-2026-41448), so users running AdGuard Home in GLiNET mode should upgrade promptly.

See the project’s GitHub repository for the full changelog and consult openapi/openapi.yaml for the new API parameter specification.

What’s in this release

  • Fix for authorization path traversal in GLiNET mode (CVE-2026-41448), reported by @djnnvx
  • Added new reason query parameter to GET /control/querylog for finer-grained filtering and semantics (see openapi/openapi.yaml)
  • Deprecated response_status query parameter on GET /control/querylog in favour of the new reason parameter; clients should migrate

Upgrade notes

  • Users running AdGuard Home in GLiNET mode should upgrade to v0.107.77 promptly to close the authorization/path traversal hole.
  • The response_status parameter remains supported for compatibility but is deprecated and will be removed in a future release; update client integrations to use reason.

Share comments about your upgrade experience on the v0.107.77 milestone or by opening an issue on the project’s GitHub; contributions to testing, reports and translations are appreciated.

Related posts

Weekly Tech Digest | 06 Jul 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's pressing issues.

wolfCOSE zero-allocation parsing in embedded C

wolfCOSE looks sensible only if you care about what your firmware actually has to carry. I like that, because on small targets the wrong crypto feature can cost more than the message itself, and there...

restic | v0.19.1

restic v0 19 1: safer FUSE mounts and mountpoint checks, robust backup source and exclude handling, clearer CLI JSON output, Windows SFTP deletion fixes