Category: Security

6 June 2026
rclone | v1.74.3

rclone v1.74.3 release: maintenance patch with bug fixes, performance and backend tweaks, download binaries verify checksums, test in staging, check changelog

Read more
6 June 2026
Vault | v2.0.2

Vault: containers drop cap ipc lock set disable mlock true and disable swap, SSH RSA capped 8192 bits, Go 1 26, Azure plugin update, Transit UI and plugin fixes

Read more
6 June 2026
Traefik | v3.7.4

Traefik v3 7 4: Redis write timeout fix, Web UI deps updated, Backend TLS status fix, HTTP3 quicgo bump, TLS SNI keepalive fix improving stability

Read more
6 June 2026
rclone | v1.74.3

rclone v1 74 3: patch release with crash fixes, reliability fixes, rebuilt binaries and CI updates, downloads, docs, see changelog and upgrade if needed

Read more
6 June 2026
Traefik | v3.7.4

Traefik v3 7 4: fixes Redis writeTimeout, updates dashboard deps, BackendTLSPolicy status corrected, quicgo and SNI keepalive fixes for HTTP3, upgrade

Read more
6 June 2026
n8n | n8n@2.23.4

n8n 2 23 4 fixes PDF parsing in Data Loader by polyfilling DOMMatrix, resolves issue 31700, upgrade recommended for Node and older browsers

Read more
6 June 2026
ESPHome | 2026.5.3

ESPHome 2026 5 3: RC5 polarity fix, ESP32 ESP IDF reporting and clean rebuild, RP2040 Windows longpath lwipopts fix, BLE duplicate Device Info fixed

Read more
6 June 2026
HomeAssistant Core | 2026.6.1

HomeAssistant Core 2026 6 1: stability and bug fixes, dependency upgrades, integration fixes, unified token auth, improved diagnostics and device registration

Read more
5 June 2026
GitHub file access through compromised development tools

A third-party development software compromise does not need to reach production to hurt. If a tool can read GitHub files, it can still expose source code, secrets, and enough context to make the next move easier; that is the bit people miss.

Read more
5 June 2026
Traefik | v3.7.3

Traefik v3 7 3: migration required, TLS SNI fixes, Kubernetes and Ingress NGINX updates, middleware logging dashboard fixes, dependency bumps, re run tests

Read more
5 June 2026
Traefik | v3.7.3

Traefik v3 7 3: patches routing, TLS, middleware and Kubernetes issues, updates dependencies, follow v3 to v3 7 migration guide

Read more
5 June 2026
NocoDB | 2026.06.0

NocoDB June 2026: Cross base Sync, NocoDocs versions, 2 and 6 week calendars, group toggle, grid UX, API, self host, security fixes

Read more
5 June 2026
n8n | n8n@2.23.3

n8n 2 23 3: fixes evaluation runs stuck in new status, upgrade promptly, restart service to mitigate, see commit fde615b issue 31702

Read more
4 June 2026
Patch diffing Adobe Acrobat PDF prototype pollution

Adobe Acrobat PDF prototype pollution is one of those bugs that only looks neat after the fact. The diff shows three separate failures, and the ugly bit is how ordinary object lookup, trusted JavaScript, and a bit of inherited state were allowed to meet in the middle.

Read more
4 June 2026
Human-led AI-assisted pentesting and review limits

AI-assisted pentesting is useful in the boring middle, where it can sort noise, group candidates, and keep a large target set moving. The trouble starts when it sounds certain about nonsense, so I keep the machine on collection and sorting, then take back judgement before anything matters.

Read more
4 June 2026
Vector | v0.56.0

Vector v0 56 0: Databricks UC sink, delay, HTTP retry options, zstd, per tag cardinality caps, Parquet to S3, fixes, GreptimeDB 1 x required

Read more
4 June 2026
Caddy | v2.11.4

Caddy v2.11.4: security fixes, TLS and SNI stability, reverse proxy robustness, HTTP and tooling updates, spammy reports blocked, many contributors credited

Read more
4 June 2026
Caddy | v2.11.4

Caddy v2 11 4: security fixes, TLS and SNI stability, reverse proxy and request body hardening, HTTP and template fixes, perf tweaks, community contributions

Read more
4 June 2026
HomeAssistant Core | 2026.6.0

HomeAssistant Core 2026 6 0: major UI, automation, integration and API updates, compatibility and safety notes, backup and rollback advice, upgrade checklist

Read more
3 June 2026
Public GitHub leaked AWS GovCloud credentials

A public GitHub repository should not have been holding AWS GovCloud credentials, yet there they were, alongside backups, passwords and internal deployment files. I spent too long on the dull bit, because the dull bit is usually where the damage starts.

Read more
3 June 2026
Nextcloud | v32.0.11

Nextcloud v32 0 11: security hardening and patches, stability and bug fixes in core and apps, performance improvements, updater guidance, upgrade promptly

Read more
3 June 2026
AdGuard Home | v0.107.77

AdGuard v010777: security fix CVE202641448 GLiNET auth path traversal, new reason query param GET control querylog, response status deprecated, upgrade now

Read more
3 June 2026
Nextcloud | v32.0.11

Nextcloud v32 0 11: critical security hardening, Files WebDAV sharing fixes, performance and stability improvements, upgrade and app notes

Read more
3 June 2026
AdGuard Home | v0.107.77

AdGuard Home v0 107 77 fixes critical GLiNET auth path traversal CVE 2026 41448, adds reason filter for GET control querylog replacing response status, update

Read more
3 June 2026
n8n | n8n@2.23.2

n8n 2 23 2: Fixes Insights paywall, uses slugs for MCP registry, makes timestamps timezone aware, clears editor pin, reverts name validation

Read more