This is a beta security hotfix release. It's identical to v2026.1-beta, except for the security mitigations listed below. Upgrading is strongly recommended for all server operators.
- The JSON-LD keywords
@reverse, @graph and @included are now disallowed- JSON-LD payloads that result in more than one object after expansion are now disallowed
- Regex timeouts during note filtering are now handled gracefully
Check out the full changelog for more information on this release.