# v2025.1.12

## Changelog

### 🎯 Core

* 🐛 **CVE Fix (deps)**: Updated `google.golang.org/grpc` to `v1.79.3` to resolve CVE-2026-33186 — a server-side authorization bypass where malformed `:path` headers could circumvent path-based restricted deny rules in gRPC interceptors, [CHORE](https://github.com/roadrunner-server/roadrunner/issues/2326) (thanks @rebecca-canyon)