AdGuardHome

As with everything in life, the best things are only the best because they stand out from the mundane. Without regular there would be no exceptional.

…all these words to say that this AdGuard Home update is the ‘boring’ one, with mostly bug fixes and security updates — so that the next time we add something new, it would feel fresh and exciting!

Acknowledgments

A special thanks to our community moderators team and to everyone who filed and inspected issues, added translations, and helped us test this release!

Full changelog

See also the v0.107.74 GitHub milestone.

Security

• Frontend libraries has been updated to prevent the possibility of exploiting the vulnerability described in CVE-2026-40175.

• Go version has been updated to prevent the possibility of exploiting the Go vulnerabilities fixed in 1.26.2.

Changed

Configuration changes

In this release, the schema version has changed from 33 to 34.

• Added a new field doh in http configuration.

  # BEFORE:
  'http':
    # …
  'tls':
    # …
    'allow_unencrypted_doh': false
  
  # AFTER:
  'http':
    # …
    'doh':
      'insecure_enabled': false
      'routes':
        - 'GET /dns-query'
        - 'POST /dns-query'
        - 'GET /dns-query/{ClientID}'
        - 'POST /dns-query/{ClientID}'
  'tls':
    # …
  

  To roll back this change, set the schema_version back to 33.

Fixed

• Incorrect forwarding of root domain requests when domain-specific upstreams are configured (#7058).

• The strict SNI check setting is not persisted when the TLS configuration is changed (#8327).

• Status reported by the launchd service implementation in cases of scheduled service restart.

• Fixed clients block/unblock when moving clients between allowed and disallowed lists.