This release focuses on keeping your app safer and more reliable in production. It includes a targeted security fix and a compatibility update for Redis-backed caching and throttling.
Security
A security-related update was applied to address CVE-2026-33658 impacting Active Storage. This helps reduce risk around file upload handling while keeping the rollout safe by retaining existing framework defaults.
Stability Updates
Redis-backed caching and request throttling were updated to avoid issues with newer connection pooling behavior. This helps prevent unexpected errors and keeps protections like rate limiting working consistently under load.