Cloudreve logo

Cloudreve

Self-hosted file management system with multi-cloud support

Alternative to: dropbox, google drive, onedrive

Cloudreve screenshot

About Versions (79)

4.13.0

2026-02-05

[!CAUTION] This release contains critical security updates for CVE-2026-25726; please update as soon as possible. Updating to this version will cause the following unavoidable side effects:

  • All active login sessions will be invalidated;
  • Existing direct links for non-redirected local storage policies will become invalid (URLs containing ?sign=xxx);
  • Other signed temporary links that have not yet expired will become invalid (URLs containing ?sign=xxx).

  • If your database was first initialized with Cloudreve version >= 4.10.0, this security vulnerability does not affect you.
  • Specific details will be disclosed 60 days after this release.
  • Fix: Use cryptographically secure random number generator for sensitive fields (Kudos to @orenyomtov)
  • Improvement: File list tooltips should no longer obstruct downward mouse movement (#3170)
  • Improvement: Performance optimization for drag-selection of files
  • Fix: Unable to drag and drop files in list view (#2937)
  • Fix: Inaccessible direct links for newly created empty files (#3239)
  • Fix: 500 error when uploading to SeaweedFS S3 storage policies (#3265)
  • Fix: OAuth endpoint handling of code_challenge inconsistent with documentation (#3261)