Khoros Communities 26.1 Release Notes
The Khoros Communities 26.1 release delivers critical security patches including RCE vulnerability remediation, extensive accessibility improvements for mobile screen readers, and stability fixes across moderation workflows, content management, and API functionality. Classic Fixed badges being awarded before posts were approved on pre-moderated boards. Fixed anchor links within posts failing to scroll to their target sections. Fixed quoting posts with code samples throwing errors for users with Simple HTML permissions. Fixed top contributors widget displaying users in incorrect order. Fixed Table of Contents button not appearing in blog article editor when enabled. Fixed search autocomplete retaining incorrect selection when cursor moved away quickly. Fixed Accept Solution option missing from Group posts. Fixed solutions leaderboard showing fewer users than configured when role filters were applied. Fixed external video embeds from Brightcove and other providers failing to render. Fixed Vimeo embeds with longer video IDs disappearing after publishing. Fixed "Show older messages" in Private Messages causing page refresh on repeated clicks. Fixed ban edit popup displaying empty for deleted users. Fixed product and tag autocomplete failing with special characters like "/" and "_". Fixed GroupHub subscription status displaying incorrectly after page reload. Fixed admin metrics date range filter returning results outside specified dates. Fixed orphaned HTML appearing in posts when mentioned users were deleted. Added support for .f3z file attachments. Fixed Hi-Labels validation incorrectly triggering when editing attachments or comments. Fixed role filter in Community Analytics throwing errors. Fixed TKB and Blog workflow notification emails not being sent when spam filtering was triggered. Fixed archive search filter counts showing zero despite archived content existing. Fixed user search filter state lost after browser back navigation. Fixed Safari on macOS intermittent failures with sort filters and post actions. Fixed email validation not being enforced during registration, allowing accounts without email addresses. Fixed notifications not being delivered for posts on pre-moderated forums after approval. Fixed Private Messages failing to load for users with certain message history patterns. Changed PDF attachments to use native browser viewer instead of third-party preview. Implemented clipboard content sanitization in rich text editor to prevent XSS attacks. Added accessibility improvements including: visible focus indicators on message links; tooltip text visibility at 200% zoom; proper ARIA attributes for image and video upload modals; keyboard controls for Brightcove video timeline; and corrected form field descriptions for screen readers. Aurora Fixed required custom fields not displaying in Add User form, preventing member creation. Fixed group names exceeding 40 characters failing silently instead of showing error messages. Fixed event calendar invite links navigating to incorrect page format. Fixed lock icon not displaying on ideas with commenting disabled. Fixed content formatting errors for users with Simple HTML permissions when applying alignment to lists. Fixed user timezone reverting to default after SSO login. Fixed unsupported tag warning not appearing when moving posts with newly added tags. Fixed moderators not receiving email notifications for content on moderated boards. Fixed moderator Reject menu immediately closing on Windows with display scaling above 100%. Fixed custom endpoints returning 404 errors after deployments. Fixed "Show more" button in Ideas widget failing to load additional results. Fixed Q&A structured data not rendering for search engine crawlers, affecting SEO. Fixed anchor links failing to scroll when target section was below the link. Fixed lock indicator not displaying on threads with zero comments. Fixed Knowledge Base and Ideas pages not respecting 100% page width setting. Fixed images uploaded to landing page widgets displaying as broken. Fixed Private Messages inbox failing to load for certain users. Fixed SSO logout not ending session at Identity Provider, causing automatic re-login. Fixed "Show More" button replacing visible replies instead of adding more at certain depth levels. Fixed all file attachments returning 404 errors in certain timezone configurations. Fixed user search returning empty results for certain username formats. Fixed custom pages returning 404 errors after component deployments. Fixed SDK Preview mode causing infinite page refresh loop. Fixed GraphQL Admin operations failing in custom endpoints for authenticated users. Fixed plugin build failures due to ESLint resolver incompatibility. Updated event calendar invites to use community mailer address instead of organizer email to protect privacy. Updated Next.js to address critical remote code execution vulnerabilities. Implemented validation for image URL uploads to prevent server-side request forgery attacks. Added react-markdown as allowed dependency for custom component development. Added comprehensive accessibility improvements including: swipe accessibility for tag menus, username filters, and author comboboxes on mobile; proper expanded/collapsed state announcements for all menus and navigation elements; descriptive button labels for message actions, replies, and status controls; proper tab selection announcements; content reflow after device orientation change; and hamburger menu labels reflecting current state. Pre-Prod Rollout: January 28-29. Testing window open from Jan 29 through Feb 11. Production Rollout: February 13-14 The rollout will follow the standard maintenance windows
Meta Threads is now available within Khoros Care
Khoros is pleased to announce that Meta Threads is now supported as an integrated channel within Khoros Care. The integration allows brands to respond and engage with their followers on brand posts, allowing them to provide top-notch social care and advocacy at scale.Khoros K1, Care, Marketing, Flow Release notes - December 1st 2025
Khoros Care Customer Experience Improvements TikTok Response Labeling Enhancement: Agent responses to TikTok conversations are now correctly identified in the conversation timeline, eliminating incorrect "External response" labels that caused confusion for agents Trustpilot Data Recovery: Backfilled missing Trustpilot reviews that failed to process during authentication issues, restoring complete customer review data Community User Avatar Handling: Fixed issue where Community users without profile pictures caused processing failures, ensuring all Community posts are properly delivered to Care Brand Messenger Chat Reliability: Resolved bot response delivery issues in Brand Messenger widget, ensuring consistent message arrival and improved error logging for customer interactions Social Media Authentication & Message Processing: Resolved authentication issues and improved message processing reliability for social media channels, ensuring consistent delivery of customer messages Message Processing Reliability: Improved retry mechanism for failed message processing, reducing message delivery failures Performance & Scalability European Region Performance: Increased capacity in EU region to handle higher load during business hours, improving response times and system stability Proactive System Monitoring: Deployed comprehensive monitoring across US, EU, and APAC regions to validate core platform functionality including agent conversation handling, queue management, agent assist widgets, and dashboard access Admin Console Change Log Navigation: Change Log has been released from Beta and is generally available. User Management Enhancements: Improved batch user processing and cache synchronization to prevent data loss during user management operations Security & Platform Updates Security Enhancements: Deployed security fixes across multiple Care components: Analytics Dashboard: Critical security vulnerability patches Case Management Interface AI/ML Processing System Brand Messenger Chat Backend Publishing Interface: Latest security patches Messaging Authentication Khoros Marketing Platform Improvements Instance Management: Fixed server error that was preventing Marketing instance deprovisioning, improving platform lifecycle management User Moderation: Resolved issue preventing users from being banned in Marketing Inbox, restoring full moderation capabilities Stream Collections: Fixed deletion functionality for stream collections Infrastructure & Performance Social Gateway Updates: Deployed infrastructure improvements for enhanced reliability and performance Advertising Metrics Processing: Improved reliability of advertising metrics data collection by introducing safeguards to prevent processing failures Notification System: Improved stability of the notification system Enhanced Security Protocols: Strengthened database security protocols as part of ongoing security compliance efforts Khoros Flow AI & Platform Upgrades Claude 4.5 AI Upgrade: Upgraded AI model from Claude Sonnet 3.5 to Claude Sonnet 4.5 in Flow, providing enhanced AI capabilities for improved customer interactions and automated responses Integration Improvements WhatsApp Integration Upgrade: Updated WhatsApp channel integration to latest API version, improving message delivery reliability and media handling capabilities Care System Integration: Enhanced integration with Khoros Care to provide better tracking and visibility of customer cases across systems, enabling more seamless workflows between Flow and Care Security & Stability Security Vulnerability Remediation: Addressed known security vulnerabilities across Flow platform including CVE-2019-10744 (lodash), CVE-2020-7610 (bson), CVE-2021-26707 (merge-deep), and others by upgrading to latest secure versions of system dependencies Message Processing Improvements: Increased message processing capacity to handle larger messages and attachments, improving reliability for customers sending rich media content System Connection Resilience: Improved system resilience to prevent service interruptions during network connectivity issues, ensuring consistent message processing Monitoring & Operations Proactive Feature Monitoring: Implemented comprehensive monitoring for dashboard performance and bot response times with automated alerting Data Pipeline Optimization: Optimized data processing pipeline, significantly improving performance and reducing processing delays Platform-Wide Updates Security Comprehensive Security Fixes: Applied critical security updates across all Khoros products, including user interfaces and backend services System Reliability Enhanced Error Handling: Improved system resilience with better error recovery mechanisms Deployment Process: Streamlined release processes for faster, more reliable updatesKhoros Communities 25.11 Release Notes
The Khoros Communities 25.11 release delivers critical security updates, comprehensive accessibility improvements, enhanced survey targeting capabilities, and numerous stability fixes across content management, authentication, and search functionality. Classic Applied critical security patches addressing vulnerabilities in jQuery and TinyMCE components. Enhanced username validation to prevent impersonation attempts using visually similar characters from different language scripts. Improved flood control performance, significantly reducing processing time for users with many product associations. Fixed Rich Text Editor alignment not applying correctly to text with inline formatting such as bold or italic. Fixed custom table background colors and styling being stripped when saving blog posts. Fixed Events module errors preventing users from creating, publishing, or viewing events after upgrade. Fixed deleted article history records causing entire version history to be wiped when removing individual draft versions. Added comprehensive accessibility improvements including: keyboard operability for Reply and Follow buttons; proper carousel navigation with skip options; corrected focus order in Tags modal; disabled auto-focus in private message compose modal; added missing alt attributes to images throughout the application; and programmatically associated error messages with form fields. Aurora Implemented advanced survey targeting with configurable prompts based on user authentication status, roles, location, and visit patterns. Fixed critical memory leak in integration points registry that was causing system crashes and performance degradation after 24-40 hours of operation. Fixed private messages failing to load for users with large recipient lists. Fixed users being unable to join hidden groups via email invitations. Enhanced search functionality to properly handle Traditional Chinese, Japanese, and Korean characters. Fixed language preference cookie expiring after 24 hours instead of persisting for the configured 30-day period. Fixed CSV export failures when survey responses were linked to deleted user accounts, now properly marking these as "Anonymous". Added dimension validation for image uploads to prevent pixel flood attacks that could cause memory exhaustion and system crashes. Fixed navigation error flash when users return from profile pages to discussion threads using the browser back button. Fixed blog article delete confirmation dialog intermittently not appearing for users. Fixed page index resetting to first page when unfollowing items on the Follows and Notifications page. Fixed navigation links being replaced instead of appended when adding more than 10 links in the community header. Fixed missing locale parameter causing incorrect privacy policy URLs during SSO registration. Fixed Aurora search bar displaying category IDs instead of user-friendly board names as placeholder text. Fixed custom fields and mandatory native fields not appearing on SSO registration forms for partially registered users. Fixed page crashes when users with Employee role attempted to use @mentions in comments. Fixed ZIP file attachments being stripped when submitting forum replies despite being configured as allowed. Fixed anonymous and deleted users appearing in Top Taggers leaderboard. Enhanced security for video embedding with improved validation and localized error messages. Enabled DNG (Digital Negative) file uploads for communities requiring professional photography file support. Updated robots.txt configuration to prevent Google from crawling legacy Classic URLs, eliminating 404 errors in Search Console. Enabled API access to archived messages using client credentials authentication with proper pagination support. Fixed BrandMessenger component causing page errors when encountering loading issues. Fixed custom React components failing to load on newly created development branches. Fixed custom component localization displaying text keys instead of translated values for Portuguese (Brazil) and other regional locales. Fixed message indexing errors that were preventing proper search functionality for archived content. Added content-type header to SAML logout calls to ensure proper session termination across integrated systems. Prevented OIDC SSO authentication tokens from being exposed in Personal Information exports. Pre-Prod Rollout: November 26-27. Testing window open from November 27 through December 8. Production Rollout: December 12-13 The rollout will follow the standard maintenance windows [Bug - Will be patching 26.01] GraphQLAdmin endpoints fail to authenticate correctly. Instead of applying admin permissions, the system is defaulting to 'logged out' permissions.Khoros K1, Marketing, Care and Flow release cadence
As part of our ongoing commitment to reliability and transparency, we have adopted a continuous delivery model for Khoros K1, Care, Spredfast Marketing and Flow. This means improvements, fixes, and enhancements are deployed to production incrementally rather than through large, infrequent releases. This approach minimizes operational risk, accelerates value delivery, and ensures that your environment benefits from the most stable and secure version of our product at all times. We recognize that visibility into product evolution is essential for planning and governance. To provide this transparency, we are introducing a regular changelog where you can review all functional, performance, and stability updates that have been deployed. Each entry will briefly describe what has changed and when, serving as a single source of truth for product updates. Our initial plan is to publish changelog updates on a regular cadence (approximately bi-weekly) on the release notes space, ensuring timely and consolidated communication without excessive notifications. As the product continues to evolve, we may adjust this frequency to align with customer needs and product maturity—always maintaining consistency and clarity in how updates are communicated.Khoros Communities 25.10 - Release Notes
Due to unforseen circumstances, the rollout has been delayed. The updated dates are reflected below. The Khoros Communities 25.10 release includes accessibility improvements, localization enhancements, performance optimizations, and bug fixes across search, messaging, and community management features. Classic Fixed a memory leak affecting system stability by improving object deduplication in integration point processing. Enhanced image upload security validation to prevent potential issues with malformed or malicious image files. Fixed global and embedded search not returning results when using Traditional Chinese characters. Upgraded Image Service to Node.js 22 for improved security, stability, and long-term compatibility. Aurora Fixed recurring 503 Service Unavailable errors affecting community pages by implementing automated service stability improvements. Added full localization support for Turkish (tr-TR). Added full localization support for Indonesian (id-ID). Added full localization support for Vietnamese (vi-VN). Corrected French translations for "Board" and "Post" across UI and email templates. Fixed private messages in the inbox not loading for users with large recipient lists. Fixed an issue preventing users from joining hidden groups via email invitations. Fixed global and embedded search not returning results when using Traditional Chinese characters. Fixed an error preventing administrators from accessing Localized Categories Settings due to duplicate key entries. Upgraded to official undici library release for improved long-term maintainability and security updates. Upgraded Image Service to Node.js 22 for improved security, stability, and long-term compatibility. Enhanced image upload security validation to prevent potential issues with malformed or malicious image files. Fixed intermittent HTTP/2 connection timeout issues by implementing client-side TTL management for pooled connections. Improved accessibility across the platform including: correcting heading structures in Tags modal, editor, and Notifications; properly grouping radio buttons with fieldset and legend elements; updating placeholder text contrast to meet WCAG standards; enhancing tooltips with hover persistence and ARIA labels; grouping related form controls; correcting labeling for filters in Manage Content; adding proper scope attributes to table headers in Manage Members; fixing invalid ARIA attributes in Inbox; and ensuring form error messages are properly announced by screen readers. Pre-Prod Rollout: October 25-26. Testing window open from Oct 27 through Nov 8. Production Rollout: November 10-11 The rollout will follow the standard maintenance windows.IgniteTech acquired Khoros to rebuild it. Here’s what that looks like.
Four weeks ago, we acquired Khoros. Since then, there’s been speculation—about what changed, what we’re doing and where this platform is headed. Some focused on staffing. Others asked about continuity and direction. We’ve seen all of it. This post is here to clarify the facts—and, more importantly, to show where we’re headed next.Khoros Care: Direct Data Access Update
Following our recent efforts to better protect the Khoros Care platform from abnormally high loads and to provide consistency across Care for historical data access directly available, data in Agent View and Manage View will be limited to 2 years. As always, for customers requiring routine access to data beyond that range, we encourage the implementation of local data store using our available export APIs. You may notice this change in effect already. Otherwise, the change will be pushed to your system within the next 10 days.Community Experience Surveys Are Now Available in Aurora
Community Experience Surveys (formerly Value Analytics) enable you to gather responses directly from members through short in-product prompts. You control who sees the survey, when it appears, how often it's shown, and which standardized questions are asked. Once responses start coming in, you can export the results for review or analysis.
