Workflow

Mwdb-core

Latest version: v2.14.0

Safety actively analyzes 710445 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 5 of 6

2.2.0

Not secure
New MWDB Core release :tada: Web part was heavily refactored and uses React Context instead of Redux, so some plugins that extends the web application may need to be ported before upgrade.

If you are plugin developer, see [What's changed](https://mwdb.readthedocs.io/en/latest/whats-changed.html) section in MWDB Core documentation.

New features:

- Remote API feature (feature draft: https://github.com/CERT-Polska/mwdb-core/issues/157) that allows to connect your own mwdb-core instance with mwdb.cert.pl ([Documentation](https://mwdb.readthedocs.io/en/latest/remotes-guide.html)
- New file download endpoint (https://github.com/CERT-Polska/mwdb-core/pull/290)

Bugfixes and improvements:

- Improved error handling in web app (https://github.com/CERT-Polska/mwdb-core/pull/316)
- Same set of buttons in Preview and Details tab (https://github.com/CERT-Polska/mwdb-core/pull/278)
- Unified object routes in web app (`/file/<hash>` instead of `/sample/<hash>`) (https://github.com/CERT-Polska/mwdb-core/pull/314)
- If route is not available, web app redirects to `/` (https://github.com/CERT-Polska/mwdb-core/pull/293)
- Disabled `multiple` option in upload dropzone (https://github.com/CERT-Polska/mwdb-core/pull/277)
- Optimized `/api/user` administration endpoint (https://github.com/CERT-Polska/mwdb-core/pull/286)
- Added `NOT NULL` constraint in associative tables (https://github.com/CERT-Polska/mwdb-core/pull/279)
- `Shares` box links to `uploader:` query instead of user/group management view (https://github.com/CERT-Polska/mwdb-core/pull/295)

2.1.2

Not secure
Bugfix release for regression introduced in v2.1.0. Fixed by https://github.com/CERT-Polska/mwdb-core/pull/259.

Bugfixes:
- `uploader:` query didn't show correct results (issue https://github.com/CERT-Polska/mwdb-core/issues/257)
- `uploader:` query allowed to search for all users' uploads even if they're not a member of requestor's own groups. Results were still nonsense though due to previous bug.
- `/profile/<login>` endpoint allowed to get basic profile info (e-mail address, registration and last login timestamp) of arbitrary user even if they're not a common member with requestor's groups.

2.1.1

Not secure
Bugfixes:

- Fixed regression in 2.1.0: `Static config` and `Parsed config` tab didn't work correctly (https://github.com/CERT-Polska/mwdb-core/pull/253)

2.1.0

Not secure
New features:

- Exact array search for configurations - `cfg.urls*.url:...` syntax (https://github.com/CERT-Polska/mwdb-core/pull/231)
- Support for S3-compatible object storage (https://github.com/CERT-Polska/mwdb-core/pull/236, thanks jamie-34254 for contribution)
- Marking objects as favorite (https://github.com/CERT-Polska/mwdb-core/pull/237)
- Presenting count of found objects in search (https://github.com/CERT-Polska/mwdb-core/pull/249)
- New "Groups" view that allows to inspect which users are in our own groups (https://github.com/CERT-Polska/mwdb-core/pull/167)
- Support for human-readable file size in search and UI (https://github.com/CERT-Polska/mwdb-core/pull/233)

Bugfixes:

- Legacy config upload endpoint (`PUT ​/api​/config​/{identifier}`) allows to upload configuration even if user has no `adding_configs` capability.

2.0.0

Not secure
Stable version of MWDB Core 2.0.0 finally released! :tada:

More information can be found in our [blog post](https://www.cert.pl/en/news/single/set-up-your-own-malware-repository-with-mwdb-core/).

New features:
- Added support for mail server authentication (224, thanks dmarxn for contribution)

2.0.0rc1

Not secure
Release candidate version :tada: If you want to try it, check out [mwdb-core documentation](https://mwdb.readthedocs.io/en/latest/) for setup guide.

Bugfixes:
- Search: ISE 500 when remainder was missing in `meta:` query (204)
- User registration: `Submit` button not disabling after successful registration (206)
- User update: missing `Set user permission` button when user doesn't have any capabilities turned on (213)
- Minor UI fixes

New features:
- Configuration upload requires `adding_configs` capability (205)
- Pending user can be rejected without sending notification mail (209)
- Added support for `mwdb configure` entrypoint in plugins (217)

**This is a pre-release version.** You're welcome to try it, but if you want a smooth installation experience and stable interface you should wait for the official release instead.

We're working hard to deliver all of these things as soon as possible. Stay tuned and follow [our Twitter](https://twitter.com/CERT_Polska_en)!

Page 5 of 6

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.