<![CDATA[PeerTube v8.1.8 is out and it's a critical security release.]]>

<![CDATA[PeerTube v8.1.8 is out and it's a critical security release.]]>PeerTube v8.1.8 is out and it's a critical security release.
The SQL injection vulnerability fixed in v8.1.6 has been actively exploited since at least May 18, 2026. Attackers used it to generate root tokens and install a malicious plugin (peertube-plugin-google-analytics-js) that loads an external script.
v8.1.8 automatically removes the plugin and invalidates all OAuth tokens.
Release notes:
Please update the Cloudron package as soon as possible.

]]>https://forum.cloudron.io/topic/15542/peertube-v8.1.8-is-out-and-it-s-a-critical-security-release.RSS for NodeSat, 23 May 2026 14:18:29 GMTSat, 23 May 2026 11:40:13 GMT60<![CDATA[Reply to PeerTube v8.1.8 is out and it's a critical security release. on Sat, 23 May 2026 13:57:59 GMT]]>thanks, one of my instances seemed to be effected by this

]]>https://forum.cloudron.io/post/125054https://forum.cloudron.io/post/125054Sat, 23 May 2026 13:57:59 GMT