v1.10.10-lts

New features

• Knowledge Base: Improved knowledge base search performance for complex scenarios with large amounts of data.
• Q&A Page: Users can directly submit files or images to ask questions.

Bug Fixes

• Knowledge Base: Fixed an issue where links in web knowledge base documents could not be accessed in some cases;
• Knowledge Base: Fixed an issue where search results were inaccurate when searching by segment content in the segment details of a document;
• Applications: Fixed an issue where parameters in function nodes in advanced orchestration applications were not echoed;
• Applications: Fixed an issue where node connections in advanced orchestration applications were incorrectly connected;
• Applications: Fixed an issue where AI responses were incorrectly included in the MCP execution results;
• Applications: Fixed an issue where dragging parameters multiple times in form collection nodes caused a console error;
• Applications: Fixed an issue where clicking a quick question set in the opening line in the conversation log would call the application's answer;
• Operation Logs: Fixed a vulnerability where user passwords could be seen in the operation log; (X-Pack)
• Installation and Deployment: Upgraded the PostgreSQL database version to v15.14;
• API Documentation: Fixed several known issues.

v2.0.2

New features

• Application: The advanced orchestration application has added a session variable function;
• Conversation User (X-Pack): Supports login via QR code for conversation users;
• Conversation User (X-Pack): Supports synchronization of LDAP and WeChat Work users;
• Resource Management (X-Pack): Supports unified management of workspace-related resources.

Enhancements

• Conversation User (X-Pack): Supports querying by user source and status;
• Knowledge Base: Improved knowledge base retrieval performance for complex scenarios with large amounts of data;
• Knowledge Base: Conversation users can query by user source;
• Application: Adjusted the file upload limit for advanced orchestration applications, allowing a maximum of 100 files to be uploaded in a single conversation, with a maximum size of 1000MB per file;
• Application: Supports querying by application release status;
• Application: Conversation users can query by user source;
• Q&A Page: Automatically populates the question field after uploading a file;
• Q&A Page: Optimized the login interaction experience in floating window mode and mobile mode;
• User Management: Supports querying by user source and status;
• System: Optimized the system UI style.

Bug Fixes

• Knowledge Base: Fixed the issue where an error is reported when hitting the test in full-text search mode;
• Knowledge Base: Fixed the problem of incorrect internationalization display for some content on the offline document upload page;
• Knowledge Base: Fixed the issue where the scroll range of the scrollbar on the segmentation rule page for uploading offline documents is incorrect;
• Application (X-Pack): Fixed the problem that AI responses were not displayed in Markdown style during conversations on the DingTalk platform connected to the application;
• Application: Fixed the error when MCP calls node execution in some cases;
• Application: Fixed the problem of repeated execution caused by multiple connections between two identical nodes;
• Application: Fixed the issue where parameters are displayed incorrectly when modifying model parameters;
• Application: Fixed the problem that unpublished applications were not filtered out when adding application sub-nodes;
• Q&A Page: Fixed the issue where the URL is not displayed when the uploaded file name contains the "&nbsp" character;
• Q&A Page: Fixed the problem that images in AI responses cannot be clicked to enlarge during user conversations;
• Q&A Page: Fixed the display misalignment issue when AI responses are table data;
• Q&A Page (X-Pack): Fixed the error when opening the Q&A page when the License is not authorized;
• Shared Model (X-Pack): Fixed the error when deleting a shared model.

v1.10.9-lts

Bug Fixes

• Security: Fixed a potential remote command execution vulnerability during MCP calls (CVE-2025-53928).
• Knowledge Base: Fixed the issue where an error occurs when saving after modifying the "Hit Handling Method" setting in the "Settings" of documents in Feishu Knowledge Base; (X-Pack)
• Knowledge Base: Fixed the problem that the update time of the document list does not update after adding, deleting, or modifying segments in the document.
• Function Library: Fixed the issue where the built-in database query function fails to serialize into a JSON string.
• Q&A Page: Fixed the problem that using shortcut keys to copy and paste images overwrites previously uploaded images.
• Q&A Page: Fixed the issue where files cannot be uploaded by dragging and dropping in the Firefox browser.
• Q&A Page: Fixed the problem that the URL is not displayed when the name of the uploaded file contains a " " character.
• Q&A Page: Fixed the issue of misaligned interface display when the application name is too long.
• Q&A Page: Fixed the problem that the latest questions are not displayed after the number of conversation records exceeds 20.
• Q&A Page: Fixed the issue where a single English word in the shortcut questions of the opening remarks is displayed in two lines.
• Application: Fixed the abnormal display of the Q&A page when the "Show History" setting is not checked in the "Display Settings" function of the simple application.
• Application: Fixed the issue of missing thinking process labels in some cases in advanced orchestration applications.
• Application: Fixed the problem that database files may be corrupted under special circumstances when there are many concurrent conversation users.
• Application: Fixed the error when exporting conversation logs when customizing the query time in the conversation logs.
• Application: Fixed the issue that non-streaming cannot count the consumed tokens when conducting conversations through the application's API Key.
• Application: Fixed the error caused by special characters in the form parameters output by the specified reply node.
• Application: Fixed the incorrect prompt when the configuration information of the MCP node is filled in incorrectly.
• Application: Fixed the issue that the DeepSeek-r1 model of Alibaba Cloud Bailian does not return content when calling the MCP service through the steamable HTTP MCP method.
• Installation and Deployment: Fixed several known issues.
• API Documentation: Fixed several known issues.

v2.0.1

Bug Fixes

• 【User Management】Fixed the error that occurs when editing a user;
• 【Application】Fixed the issue where the segmented display of knowledge source citations in conversations was incorrect when only "Display Knowledge Sources" was enabled without enabling "Execution Details" in the "Display Settings" function;
• 【Application】Fixed the error that occurs during conversations when the "Multi-channel Recall" node is executed if the value of the re-ranked content in the node is empty;
• 【Q&A Page】Fixed the problem that audio files in AI responses cannot be dragged for playback;
• 【Tools】Fixed the absence of the "Debug" function in the tool creation interface after users with the ordinary user role log in to the system;
• 【Shared Tools】Fixed the failure to add tools from the tool store. (X-Pack)

v2.0.0

Important Upgrades

■ Comprehensive Upgrade of Multi-Tenant Permission Management System (X-Pack)

In MaxKB V2, the multi-tenant permission management system has been fully upgraded. Through the collaboration of four modules: user management, role management, workspace, and resource authorization, an extensible multi - tenant permission management system has been built. It effectively supports the permission and resource management needs of multiple organizations, departments, and user groups, achieving precise control of permissions and resources by the system.

Role management is the core of the RBAC permission system. MaxKB V2 comes with three preset roles: system administrator, workspace administrator, and ordinary user. The system administrator has system - level management permissions, the workspace administrator is responsible for managing members and resource authorization, and ordinary users can maintain self - created and authorized resources.

In addition, MaxKB V2 supports the function of custom roles based on the system - preset roles. It allows for personalized permission configuration on the basis of inheriting the permissions of system administrators, workspace administrators, or ordinary users.

■ New Shared Resource Management Function (X-Pack)

MaxKB V2 has added a shared resource function, supporting cross - workspace resource reuse and collaboration. System administrators can uniformly manage core resources such as knowledge bases, tools, and models, and authorize them to designated workspaces. While ensuring the secure sharing of resources, it achieves a balance between sharing and control through permission control.

■ New Conversation User Management Function (X-Pack)

MaxKB V2 has also added the "conversation user management" function, supporting identity authentication on the question - asking end. Through the linkage of modules such as conversation users, user groups, application - conversation users, and knowledge base - conversation user authorization, this function realizes the management and control of users' question - asking scope and knowledge retrieval permissions. Thus, it achieves precise management of "one person, one permission" and "one group, one permission", further enhancing the security and controllability of the system. The new version of MaxKB also supports third - party authentication methods such as LDAP, OIDC, CAS, and OAuth2 to meet enterprise data security requirements.

■ Support for Managing Applications, Knowledge Bases, and Tools by Folder Directories

MaxKB V2 has upgraded its resource management capabilities. After logging in, users can enter the workspace to manage resources. Workspace resources include four core types: applications, knowledge bases, tools, and models. Among them, applications, knowledge bases, and tools can be managed by folder directories. This improvement facilitates users to classify and organize resources, conduct hierarchical management, and perform quick retrieval, greatly improving the efficiency of resource management and the convenience of use.

Enhancements

• Resource Management: System administrators are supported to view the list of applications, knowledge bases, tools, and model resources of all workspaces;
• Knowledge Base: After uploading offline documents to the general knowledge base, the original documents will be stored, and downloading of the original documents is supported;
• Knowledge Base: The segment detail page is optimized to support the adjustment of segment order;
• Application: The knowledge base retrieval node and multi - path recall node of advanced orchestration applications have added a switch setting of "results displayed in knowledge sources";
• Application: In the "display settings" function, setting the chat background of the question - and - answer page is supported; (X - Pack)
• Application: When having a conversation in the debugging preview, the saved application configuration is used;
• Application: An entry of "go to conversation" is added to the "settings" page of the application, facilitating users to go to the question - and - answer page for conversation after adjusting the configuration;
• Question - and - Answer Page: Advanced orchestration applications support the display of knowledge sources;
• Question - and - Answer Page: The interaction and style of the question - and - answer page are optimized;
• Security: Fixed a remote command execution vulnerability in the tool module (CVE-2025-53927);
• Security: Fixed a potential remote command execution vulnerability during MCP calls (CVE-2025-53928).

P.S. MaxKB does not currently support direct upgrade from version v1.10.x to v2.0.x. The MaxKB team plans to release a related migration tool in September 2025.

v1.10.8-lts

New features

• Application: MCP settings in MCP call nodes and AI dialogue nodes support Streamable HTTP protocol; by @liuruibin in #3088
• System: Added verification code verification function when users log in. by @shaohuzhang1 in #3117

Enhancements

• Login authentication (X-Pack): Support multi-level attribute mapping when connecting to OAuth2 login authentication platform.

Bug Fixes

• Security: Fix the vulnerability of exporting knowledge base as unsafe documents (CVE-2025-4546); by @shaohuzhang1 in #3105
• Security: Fix the vulnerability of function execution to obtain system sensitive information; by @shaohuzhang1 in #3127
• Application: Fix the problem of dialogue log export failure; by @shaohuzhang1 in #3100
• Application: Fix the problem that the document extraction node cannot extract complex table files; by @shaohuzhang1 in #3116
• Application: Fix the problem that the value of the variable will become the initial value after the form collection node is executed in the workflow; by @shaohuzhang1 in #3108
• Application: Fixed the problem that when the workflow contains a form collection node, after the AI ​​reply is completed, the refresh page displays incorrect content; by @shaohuzhang1 in #3081
• Application: Fixed the problem that when the workflow contains a sub-application node, the number of users in the sub-application overview is incorrect;
• Application (X-Pack): Fixed the problem that in the user number statistics of the overview "Monitoring Statistics", the number of users who asked questions on corporate WeChat, public accounts, DingTalk, and Feishu were not counted;
• Knowledge Base (X-Pack): Fixed the problem that the document segmentation of Feishu Knowledge Base was incorrect;
• Function Library: Fixed the problem that when the function parameter is a non-character type and the value is empty, the function is run with an error; by @shaohuzhang1 in #3107
• Function Library: Fixed the problem that some enabled parameters of the function will be changed to "X" after disabling and then enabling the function
• Q&A page: Fixed the problem that in some cases, the question will always be displayed as the question being answered; by @shaohuzhang1 in #3094
• Q&A page: Fixed the problem that the English words at the end of the line in the AI ​​reply content will be split into two lines; by @wangdan-fit2cloud in #3109
• Q&A page: Fixed the problem that after uploading a document on the Q&A page, the hover document will keep flashing. by @wangdan-fit2cloud in #3110

v1.10.7-lts

New features

• Model: Alibaba Cloud Bailian supports Qwen3 model. by @shaohuzhang1 in #3020

Enhancements

• Application: Optimize the query performance of conversation logs. by @shaohuzhang1 in #3016

Bug Fixes

• Application: The maximum similarity of mixed retrieval cannot be set to a value greater than 1; by @shaohuzhang1 in #3021
• Application: Fix the problem that the data of advanced orchestration application nodes cannot be echoed; by @shaohuzhang1 in #3019
• Application: When the opening remarks exceed 4096 characters, the application cannot be copied; @shaohuzhang1 in #3022
• Application: In the conversation, sensitive data exists when obtaining application details. by @shaohuzhang1 in #3018

v1.10.6-lts

Bug Fixes

• Application: Fixed the problem that the thinking process label could not be parsed when outputting the answer; by @shaohuzhang1 in #2971
• Application: Fixed the problem that debugging could not be performed when only the "Interface parameter transfer" parameter was set in the application. by @wangdan-fit2cloud in #2969

v1.10.5-lts

Enhancements

• Application: File upload supports uploading other custom file types. This type of file needs to be parsed by writing a function by yourself; by @wangdan-fit2cloud in #2940
• Q&A page: Support dragging files to the question input box; by @wangdan-fit2cloud in #2944
• Q&A page: Support copying and pasting files and content to the question input box. by @wangdan-fit2cloud in #2944

Bug Fixes

• Application: Fixed the problem that the asker parameter does not work when communicating through the openai interface; by @shaohuzhang1 in #2943
• Application: Fixed the problem that adding application nodes will show unavailable in some cases in advanced orchestration applications; by @shaohuzhang1 in #2945
• Application: Fixed the problem that the max_tokens parameter set for some models does not work, resulting in incomplete answers during dialogue; by @shaohuzhang1 in #2937
• Application: Fixed the problem that the application name in the label of the Q&A page is not updated after the application name is changed; by @wxg0103 in #2872
• Application: Fix the problem that MCP nodes cannot define data value parameters and Boolean parameters; by @liuruibin in #2871
• Q&A page: Fix the problem that the history is not displayed after a new user asks a question; by @shaohuzhang1 in #2954
• Q&A page: Fix the problem that the mobile terminal cannot click "Stop Answering"; by @wangdan-fit2cloud in #2849
• API Documentation (X-Pack): The name of the interface for obtaining the paging list of knowledge base documents is wrong;
• Appearance Settings (X-Pack): Fix the problem that the configuration information in the appearance settings is not used on the forgotten password and modified password pages.

v1.10.4-lts

Enhancements

• Application: In the judgement node of advanced arrangement, support adjusting the order of IF and ELSE IF branches by dragging and dropping; @wangdan-fit2cloud published in #2810
• Application: In the judgement node of advanced arrangement, the value of the judgment condition can be set to true or false; by @shaohuzhang1 in #2806
• Application: In the basic information node of advanced arrangement, optimize the display style problem when the default value of the interface parameter is long;
• Login authentication (X-Pack): Optimize the priority of obtaining the user's corporate email when logging in without password in WeChat for Enterprise.

Bug Fixes

• Security: Solve the vulnerability of reverse shell in the function library module (CVE-2025-3238); by @shaohuzhang1 in #2830
• Knowledge base: Fix the problem of error when the segment title exceeds 256 characters in the imported PDF document; by @liuruibin in #2803
• Application: Fix the problem that the interface parameters are not carried when the user asks questions using quick questions; @shaohuzhang1 in #2808
• Application: Fix the problem that the answer content is not output after the user submits the form collection when asking questions; by @shaohuzhang1 in #2824
• Application: Fix the problem that the model parameters are not updated after switching the selected AI model; by @shaohuzhang1 in #2826
• Application: Fixed the problem that the application name was not updated after the application name was modified and published on the workflow orchestration page; @wangdan-fit2cloud in #2825
• Application: Fixed the problem that the basic model was not listed after selecting the large language model when adding a model in the AI ​​dialogue node; by @liuruibin in #2804
• Application: Fixed the problem that the user field was not carried when exporting the dialogue log; by @wxg0103 in #2817
• Application: Fixed the problem that the nested sub-applications in the application would be displayed as unavailable in some cases; @wxg0103 in #2819
• Q&A page: fix the problem that the avatar is not displayed by default on the Q&A page; by @wangdan-fit2cloud in #2832
• Q&A page: fix the problem that the user's historical conversation record is lost; by @shaohuzhang1 in #2843
• Q&A page: fix the problem that the user input parameter is set as a required field when the multi-select box component is not verified when the user asks a question; by @shaohuzhang1 in #2839
• Model settings: fix the problem that the error is reported when adding a local rearrangement model; by @shaohuzhang1 in #2805
• Team members: fix the problem that the icon in the knowledge base list is not displayed according to the knowledge base type; by @wangdan-fit2cloud in #2806
• API Documentation (X-Pack): Fix the problem that the parameter description of the creation knowledge base interface in the API documentation is incorrect;
• API Documentation (X-Pack): Fix the problem that the access address is configured as https, but the interface API is still http during debugging.