RATATOSKRATATOSK
Sign in

OpenFGA

v1.11.6Security
Feb 24, 2026

OpenFGA v1.11.6 enables ListObjects pipeline by default for improved performance, upgrades gRPC client implementation, and addresses a security vulnerability in grpc-health-probe.

  • enhancementTest ListObjects pipeline performance impact

    The new default ListObjects pipeline algorithm may improve query performance but could change behavior. Monitor your ListObjects API calls after upgrade and be prepared to disable it with listObjects-pipeline-enabled=false if you encounter issues.

  • securityUpdate deployments using grpc-health-probe

    If you're using grpc-health-probe for health checks in your OpenFGA deployments, this update addresses CVE-2025-68121. Verify your container images are pulling the latest version and update any standalone grpc-health-probe binaries.

Key changes (3)

  • ListObjects pipeline algorithm now enabled by default (can be disabled with listObjects-pipeline-enabled=false)
  • Migration from deprecated grpc.DialContext to grpc.NewClient for grpc-gateway client
  • Security update: grpc-health-probe bumped to v0.4.45 addressing CVE-2025-68121