<![CDATA[**v8.1.8 Important security upgrade**]]>**v8.1.8 Important security upgrade**

We have learned that the SQL injection vulnerability fixed in v8.1.6 has been exploited at scale since at least May 18, 2026 and so before the v8.1.6 release.

We released a new version that remove all user token access gained before v8.1.6. We also explain the attack in the changelog and the countermeasures taken by this release.

**Please upgrade to v8.1.8 as soon as possible.**

Link Preview Image
Release v8.1.8 · Chocobozzz/PeerTube

ActivityPub-federated video streaming platform using P2P directly in your web browser - Release v8.1.8 · Chocobozzz/PeerTube

favicon

GitHub (github.com)

]]>https://board.circlewithadot.net/topic/e0a12fb7-390c-413a-b15c-f51f9e2b7290/v8.1.8-important-security-upgradeRSS for NodeTue, 26 May 2026 00:44:30 GMTSat, 23 May 2026 09:17:17 GMT60<![CDATA[Reply to **v8.1.8 Important security upgrade** on Sat, 23 May 2026 10:22:07 GMT]]>@gunchleoc You can delete existing tokens on /admin/settings/system/runners/registration-tokens-list

If you didn't enable remote runners, you don't need to do this.

]]>https://board.circlewithadot.net/post/https://framapiaf.org/users/peertube/statuses/116623391311953788https://board.circlewithadot.net/post/https://framapiaf.org/users/peertube/statuses/116623391311953788Sat, 23 May 2026 10:22:07 GMT<![CDATA[Reply to **v8.1.8 Important security upgrade** on Sat, 23 May 2026 10:17:33 GMT]]>@peertube hey @funfacts_de, security release für peertube ^

]]>https://board.circlewithadot.net/post/https://mastodon.social/users/shadowwwind/statuses/116623373334388621https://board.circlewithadot.net/post/https://mastodon.social/users/shadowwwind/statuses/116623373334388621Sat, 23 May 2026 10:17:33 GMT<![CDATA[Reply to **v8.1.8 Important security upgrade** on Sat, 23 May 2026 10:10:18 GMT]]>@peertube thanks for the transparent and precise report
and the quick and efficient reaction
❤

a pleasure ❤

]]>https://board.circlewithadot.net/post/https://piaille.fr/users/benjamin/statuses/116623344797243489https://board.circlewithadot.net/post/https://piaille.fr/users/benjamin/statuses/116623344797243489Sat, 23 May 2026 10:10:18 GMT<![CDATA[Reply to **v8.1.8 Important security upgrade** on Sat, 23 May 2026 09:47:20 GMT]]>@peertube Who's been affected by this and how did you learn about this?

]]>https://board.circlewithadot.net/post/https://spacey.space/users/OliviaVespera/statuses/116623254543708677https://board.circlewithadot.net/post/https://spacey.space/users/OliviaVespera/statuses/116623254543708677Sat, 23 May 2026 09:47:20 GMT<![CDATA[Reply to **v8.1.8 Important security upgrade** on Sat, 23 May 2026 09:39:41 GMT]]>@John_Livingston All versions < 8.1.6 are vulnerable

]]>https://board.circlewithadot.net/post/https://framapiaf.org/users/peertube/statuses/116623224441731672https://board.circlewithadot.net/post/https://framapiaf.org/users/peertube/statuses/116623224441731672Sat, 23 May 2026 09:39:41 GMT<![CDATA[Reply to **v8.1.8 Important security upgrade** on Sat, 23 May 2026 09:38:38 GMT]]>@peertube
What is the first vulnerable version?

]]>https://board.circlewithadot.net/post/https://mamot.fr/users/John_Livingston/statuses/116623220283422105https://board.circlewithadot.net/post/https://mamot.fr/users/John_Livingston/statuses/116623220283422105Sat, 23 May 2026 09:38:38 GMT