KrakenD CE 2.13.3 and EE 2.13.1 update released
by Jorge Tarrero
This patch release of KrakenD Community Edition and Enterprise Edition introduces a security fix for the gRPC feature (EE) and other gRPC-dependant components (CE).
It addresses CVE-2026-33186 which, although its critical categorization, it does not affect the KrakenD gRPC server feature due to the lack of usage of custom interceptors, authorization and others. Additionally, the MCP Server library was upgraded to address a potential vulnerability in the JSON payloads encoding process.
🚀 Summary of changes for EEv2.13.1 (patch)
Recommended upgrade of gRPC component
-
Fixed inconsistent new-line delimiter in
licensecommand. - Upgraded gRPC component addressing CVE-2026-33186.
- Upgraded MCP Server library to address a potential vulnerability in the JSON encoding.
Upgrading to the latest version is always advised.
🚀 Summary of changes for CEv2.13.3 (patch)
Recommended upgrade of gRPC-dependant components
- Upgraded gRPC-dependant components addressing CVE-2026-33186.
Upgrading to the latest version is always advised.
Categories:
Product UpdatesSecurity