Download Latest Version
6.0.3-update.zip (66.3 MB)
Get an email when there's a new version of Mautic
| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| 5.2.6-update.zip | 2025-05-27 | 51.5 MB | |
| 5.2.6.zip | 2025-05-27 | 74.9 MB | |
| Mautic Community 5.2.6 source code.tar.gz | 2025-05-27 | 33.5 MB | |
| Mautic Community 5.2.6 source code.zip | 2025-05-27 | 36.5 MB | |
| README.md | 2025-05-27 | 2.7 kB | |
| Totals: 5 Items | 196.4 MB | 0 | |
Announcing Mautic 5.2.6: Atlas Edition
🔒Security release
This release addresses several security issues. Please update at your earliest convenience after taking a backup and ensuring that it's working.
🔒 Security fixes
- CVE-2025-5257 - Predictable Page Indexing Might Lead to Sensitive Data Exposure - Reported and fixed by @lenonleite and tested/reviewed by @escopecz and @kuzmany in https://github.com/mautic/mautic/security/advisories/GHSA-cqx4-9vqf-q3m8
- CVE-2024-47056 - Mautic does not shield .env files from web traffic - Reported by @r3ky, analyzed by @lenonleite fixed by @nick-vanpraet and tested/reviewed by @patrykgruszka in https://github.com/mautic/mautic/security/advisories/GHSA-h2wg-v8wg-jhxh
- CVE-2024-47057 - User name enumeration possible due to response time difference on password reset form - Reported and fixed by @tomekkowalczyk and reviewed by @patrykgruszka and @nick-vanpraet in https://github.com/mautic/mautic/security/advisories/GHSA-424x-cxvh-wq9p
- CVE-2024-47055 - Segment cloning doesn't have a proper permission check - Reported and fixed by @abhisekmazumdar and @nick-vanpraet and tested/reviewed by @patrykgruszka in https://github.com/mautic/mautic/security/advisories/GHSA-vph5-ghq3-q782
- CVE-2025-5256 - Open Redirect vulnerability on user unlock path - Reported and fixed by @tomekkowalczyk, tested/reviewed by @patrykgruszka and @nick-vanpraet in https://github.com/mautic/mautic/security/advisories/GHSA-6vx9-9r2g-8373
- Phpspreadsheet upgrade by @escopecz in https://github.com/mautic/mautic/pull/15016
- SQL queries constructed with string concatenation [security] by @levente999 in https://github.com/mautic/mautic/pull/15040
What's Changed
🐛 Bugs
📄 Reports
- Fix report data bool filter by @AlanWierzchonCA in https://github.com/mautic/mautic/pull/14909
🚀 Segments
- Fix segment dependency tree UI by @patrykgruszka in https://github.com/mautic/mautic/pull/15028
🧑🦱 Contacts
- Use u.loginName instead of r.name to order by login name by @Dominic-Mayers in https://github.com/mautic/mautic/pull/14982
🐱 Categories
- The "Type" field is missing after saving an unfilled form [#14168] by @levente999 in https://github.com/mautic/mautic/pull/14445
💌 Emails
- Fix illegal character notice caused by iconv() in InputHelper.php by @matbcvo in https://github.com/mautic/mautic/pull/15006
New Contributors
- @Dominic-Mayers made their first contribution in https://github.com/mautic/mautic/pull/14982
Full Changelog: https://github.com/mautic/mautic/compare/5.2.5...5.2.6
SHA1(5.2.6.zip)= [66b8ea] SHA1(5.2.6-update.zip)= [3ffd25]