Seerr Release Notes

3.3.0 - 2026-06-02

🚀 Features

(db) Add DB_POOL_SIZE environment variable for postgres connection pool (#2990) - (f093c69)
(i18n) Add server-side i18n for notification agents (#2731) - (cd257ba)
(notification) Add support for public seerr logo in email (#3036) - (a8f147d)
(notifications) Support multiple Discord IDs (#2712) - (63175f5)
Add plex media ratingKey and ratingKey4k to webhook payload and… (#1812) - (9b7b50b)
Add route to fetch user by jellyfin id (#2074) - (15296a0)
Filter out "Thanks" credits when looking at a person's credits (#2370) - (d024849)

🐛 Bug Fixes

(auth) Drop popup.closed check in Plex pin poll (#2941) - (ce9643c)
(availability-sync) Detect deleted seasons when media server retains empty season metadata (#2850) - (9c34864)
(discover) Preserve keyword filter input focus after selection (#2962) - (32169d9)
(docs) Enable trailingSlash to prevent 404 flash on direct navigation (#3039) - (df105b8)
(docs) Switch to SWC minimizer to fix broken runtime bundle - (d88242f)
(docs) Bump openapi docs packages to 5.0.2 (#3027) - (080c68a)
(entity) Set the default value of UpdateDateColumn to CURRENT_TIMESTAMP (#2913) - (86e780e)
(external-link) Replace TMDB ID with IMDB ID for Trakt links (#2934) - (f078da8)
(imdbRadarrProxy) Pass headers and nodeCache as options instead of params (#2900) - (7861db4)
(issuedescription) Fix issue display lists in IssueDescription (#2972) - (ce47cfb)
(media) Clean up watchlist on error card delete (#3073) - (ee915b9)
(media-request) Remove cascade from modifiedBy to prevent user column wipe (#2911) - (2dfea0c)
(ntfy) Save priority field as number instead of string (#3096) - (2fa535d)
(ntfy) Remove undefined fields from ntfy payload (#2931) - (377bf65)
(override-rules) Use find() instead of index lookup for service resolution (#2903) - (5fdedb1)
(plex-watchlist-sync) Handle MediaContainer.Video fallback in watchlist sync (#2992) - (99f8520)
(request) Restore media status correctly when deleting requests (#3064) - (ff88d52)
(scanners) Reset orphaned processing media from deleted Radarr/Sonarr entries (#2757) - (198e4e5)
(scanners) Ignore unknown seasons in availability rollup and skip empty placeholder seasons (#2958) - (ce51f6a)
(search) Replace "TV" with "Series" in search placeholder (#3067) - (c04172a)
(slider) Add async to spring animation (#2978) - (5267611)
(tag) Use inset ring to avoid clipped outlines (#2985) - (cf87205)
(tvrequest) Allow special episodes when partial series requests are disabled (#2973) - (b32ab02)
(users) Correct auth middleware for web push subscription (#3005) - (bd27f2d)
(watchlistsync) Re-request deleted media from watchlist (#3072) - (2588e49)
Update series status to partially available when seasons are missing (#3044) - (4ed29cf)
Add missing "key" to React arrays (#3043) - (4fa2c71)
Send availability notification if media is available before approval (#2819) - (d426e1e)
Normalize webhook payload encoding to support raw JSON inputs (#2641) - (5b45806)

📖 Documentation

(blog) Add v3.3.0 release blog post (#3098) - (759e359)
(fail2ban) Add fail2ban documentation (#2894) - (39e9f1f)
(nixpkgs) Add documentation for nixpkgs 26.05 (#3089) - (5fc7a40)
Add REST API documentation (#2981) - (7aa1470)
Add Terraform/OpenTofu provider page (#2967) - (811126d)

🚜 Refactor

(docs) Move REST API docs to navbar and dedicated sidebar (#3040) - (08b7bd4)
(logs) Align failed login attempt message with failed sign-i… (#2914) - (3e4bf1b)
Replace react-toast-notifications with react-hot-toast (#3004) - (dfde4d3)

⚙️ Miscellaneous Tasks

(actions) Update github actions (#3028) - (6bb402a)
(actions) Update github actions (#2982) - (20dbc30)
(actions) Update github actions (major) (#2947) - (952261b)
(actions) Update taiki-e/install-action action to v2.75.18 (#2961) - (d50bdad)
(actions) Update github actions (#2945) - (60a2a87)
(create-tag) Add gh token to avoid api rate limit in tag version retrieval (#2886) - (85bfdb2)
(i18n) Update translations from Weblate - (73fcfd2)
(i18n) Update translations from Weblate - (788311a)
(i18n) Update translations from Weblate - (6eb43e0)
(i18n) Update translations from Weblate - (656e33f)
(i18n) Update translations from Weblate - (4742018)
(i18n) Update translations from Weblate - (2d4cd03)
(i18n) Update translations from Weblate - (3c249c7)
(i18n) Update translations from Weblate - (4e4e673)
(i18n) Update translations from Weblate (#2906) - (6513915)
(i18n) Update translations from Weblate (#2901) - (56ab94a)
(release) Prepare v3.2.0 - (703faf9)
(release) Merge develop into main - (0621e3d)
(release) Remove git-cliff footer in release changelog (#2986) - (550c3bc)
Cleanup intl polyfills and dev config (#2965) - (ba6ed6c)
Ignore Renovate bot on irrelevant jobs (#2904) - (1d2aa76)

New Contributors ❤️

@defaultdino made their first contribution
@haribo-hyung made their first contribution
@felixschndr made their first contribution
@burakemirsezen made their first contribution
@death2all110 made their first contribution
@fredrikburmester made their first contribution
@marcinjurczak made their first contribution
@Josh-Archer made their first contribution
@Finchow made their first contribution
@kyle-engler made their first contribution
@danjuv made their first contribution
@aldoeliacim made their first contribution

cookie-parser was initialized with settings.clientId (the Plex client
UUID), but express-session signs connect.sid with settings.sessionSecret.

The secrets differ, so cookie-parser's signature check on connect.sid
fails, the cookie is dropped from req.cookies, and the OpenAPI validator
rejects every authenticated request with "cookie 'connect.sid' required"
even though the browser is sending it correctly.

This also matches the signing secret used by the OIDC code-verifier and
state cookies that are stored via res.cookie(..., {signed: true}), which
read back through req.signedCookies during the callback.

3.2.0 - 2026-04-15

🚀 Features

• (blocklist) Add support for collections (#1841) - (993ae4c)
• (discover) Handle errors gracefully when content is available (#1542) - (7920970)
• (i18n) Add Estonian language support (#2611) - (56b79ff)
• (i18n) Add Luxembourgish language support (#2671) - (dccdc95)
• (i18n) Add Vietnamese language support (#2670) - (40edaea)
• (jellyfin) Allow Jellyfin Guids with dashes for import-from-jellyfin endpoint (#2340) - (3557745)
• (notifications) Add ntfy markdown formatting (#2602) - (77f2c13)
• (notifications) Webhook custom headers (#2230) - (3152f72)
• (notifications) Add priority setting for ntfy agent (#2306) - (61e0377)
• (person) Add tmdb- and imdb link on person detail page (#2136) - (fb2ee7c)
• (quota) Added support for unlimited quota days (#2797) - (6d8b2b7)
• (requests) Mark requests as failed when Radarr/Sonarr unreachable (#2171) - (c23117e)
• (settings) Add blocklist region and language options (#1802) - (ff469cb)
• (settings) Add help tooltips for services setup (#2662) - (f5115da)
• (sonarr) Add monitorNewItems option to sonarr settings & modal (#2071) - (5c34c91)
• (trending) Add filter options (#2137) - (4ce0db1)
• (ui) Add loading state to request approve/decline buttons (#2815) - (bd8f2d4)
• (userlist) Add sortable columns to User List (#1615) - (eaf397a)
• (webhook) Add imdbid to webhook notification (#2658) - (2432e8d)
• Sort quality profiles ASC in request and service configuration (#1805) - (25e376c)
• Add trailing whitespace warning on login username field (#2040) (#2177) - (636dcb9)

🐛 Bug Fixes

• (auth) Resolve Plex OAuth client ID mismatch (#2746) - (15b3109)
• (email) Correctly classify final MIME header in PGP email encryption (#2618) - (9ec3d58)
• (email) Preserve newlines in PGP key textarea fields (#2617) - (835e917)
• (emby) Use static version in auth header for emby only (#2821) - (fe2c041)
• (entities) Replace MySQL-only onUpdate with @UpdateDateColumn (#2823) - (0b8f872)
• (generate-password) Await setPassword to fix race condition (#2845) - (061121c)
• (issues) Update issue timestamp when adding comments (#2616) - (a16d046)
• (jellyfin-scanner) Add TheMovieDb provider fallback for Jellyfin scanner (#2605) - (10f23f0)
• (login) Resolve stuck transition when switching login forms (#2779) - (735ec47)
• (media) Exclude null mediaAddedAt entries (#2607) - (001f6b1)
• (migration) Repair postgres blocklist id sequence (#2686) - (f40323c)
• (movie,tv) Respect display language for trailers (#2674) - (90d407d)
• (open-api) Add missing mediaType query parameter to blocklist and watchlist (#2722) - (c7185d4)
• (override-rules) Remove users from useEffect dependency array (#2771) - (be57997)
• (overseerr-merge) Sanitise corrupt quota values during overseerr migration (#2863) - (43eff25)
• (plex) Set 4K Plex URLs whenever ratingKey4k is set (#2635) - (1548948)
• (proxy) Add path validation guardrail to imageproxy (#2531) - (e086081)
• (region-selector) Prevent empty region reporting during sync (#2636) - (fbfcb43)
• (request) Record modifiedBy on retry and add route tests (#2824) - (20ccd4b)
• (request) Correct delete permission check and await movie save (#2742) - (6aeab38)
• (requests) Mark requests as completed when media is already available (#2462) - (d25d0ca)
• (settings) Persist new settings defaults to disk on startup (#2884) - (66130be)
• (settings) Serialize settings writes and prevent partial overwrites (#2696) - (6c52a2f)
• (settings) Remove beta info banner (#2615) - (fece753)
• (setup) Fix Plex login not proceeding after authentication (#2596) - (1dc5154)
• (watchlist-sync) Handle empty watchlists on PostgreSQL (#2718) - (865396f)
• Improve local login UX (#2849) - (aef2481)
• Await missing repository saves (#2760) - (1bb638e)
• Helm chart liveness and readiness probe (#2755) - (4434c45)
• Disambiguate tmdb ids by media type across lookups (#2577) - (0be1896)
• Anchor streaming service filter check icon to each provider card (#2634) - (94ccd47)

📖 Documentation

• (contributing-guide) Fix a typo (#2807) - (6f9b743)
• (docker) Replace backslashes by backticks in windows docker run commands [skip-ci] (#2557) - (40e02bb)
• Clarify Docker volume creation instructions on fresh Windows install (#2861) - (a133930)
• Move network-related docs to a dedicated tab (#2791) - (5bbdc52)
• Promote Nixpkgs as an official installation method (#2775) - (05ad60c)
• Fix PM2 start command syntax (#2713) - (5373da4)

🚜 Refactor

• (imageproxy) Reduce noisy image cache logging (#2789) - (036d000)
• (notifications) Move event from author to title field in Discord Embed (#2119) - (a2d1e1b)
• (userlist) Responsive columns and buttons (#2083) - (dbe1fca)
• (watchlistsync) Log media request creation after success instead of before (#2790) - (685cb44)
• Rename Error components to ErrorPage (#2668) - (d5c5f1f)

🧪 Testing

• (user-list) Deflake sorting assertions (#2766) - (20c2ed8)
• Support server-side unit testing (#2485) - (8563362)

⚙️ Miscellaneous Tasks

• (actions) Update github actions (#2683) - (a2154f9)
• (actions) Update github actions (#2672) - (f047cab)
• (actions) Update github actions (#2632) - (e25c1a5)
• (create-tag) Correct quote style in commit message for tag preparation (#2593) - (687f18b)
• (docker) Release alias for major and minor version series (#2881) - (1cc73a8)
• (i18n) Update translations from Weblate - (e85216a)
• (i18n) Update translations from Weblate - (b1adc79)
• (i18n) Update translations from Weblate (#2419) - (4bd7c19)
• (pr-validation) Make checklist box detection case-insensitive (#2802) - (58514ec)
• (pr-validation) Update pull request permissions to write for validation jobs (#2800) - (986761f)
• (pr-validation) Disable package manager cache in nodejs setup (#2799) - (67e27d5)
• (release) Prepare v3.2.0 - (e0b2a1c)
• (release) Merge develop into main - (c5800a0)
• Bump minimum required node version to 22.19.0 (#2873) - (891265f)
• Add PR validation workflow and update contributing guidelines (#2777) - (772e83d)
• Upgrade to eslint v9 (#2574) - (36243a0)
• Ignore helm scope in git-cliff (#2638) - (4d2b658)

New Contributors ❤️

• @aslafy-z made their first contribution
• @leereilly made their first contribution
• @jisef made their first contribution
• @dougrathbone made their first contribution
• @bobziroll made their first contribution
• @v3DJG6GL made their first contribution
• @Roboroads made their first contribution
• @costajohnt made their first contribution
• @tiagodefendi made their first contribution
• @Jyasapara made their first contribution
• @Sym-jay made their first contribution
• @bibi0019 made their first contribution
• @redondos made their first contribution
• @bogo22 made their first contribution
• @jabloink made their first contribution
• @YakGravity made their first contribution
• @dj0024javia made their first contribution
• @Jerra94 made their first contribution
• @its-wizza made their first contribution
• @ventiph made their first contribution
• @RinZ27 made their first contribution

3.1.0 - 2026-02-27

🛡️ Security

Patch CVE-2026-27707 - Unauthenticated account registration on Plex-configured Seerr instances via Jellyfin authentication endpoint - (4ae2068)

Patch CVE-2026-27793 - Broken Object-Level Authorization in User Profile Endpoint Exposes Third-Party Notification Credentials - (4f089b2)

Patch CVE-2026-27792 - Missing authentication on pushSubscription endpoints - (946bdecec)

🚀 Features

(helm) Use an existing PVC as config volume (#2447) - (8f0c904)

(servarr-api) Make Servarr API request timeout configurable (#2556) - (3bcb4da)

Self-host font for better privacy (#2540) - (10ea21b)

🐛 Bug Fixes

(helm) Add "v" as prefix for appVersion tag (#2445) - (04b9d87)

(jellyfin-scanner) Include unmatched seasons in processable seasons (#2538) - (68f56d2)

(link-account) Fix error-message override (#2547) - (b843be0)

(plex-scanner) Add TVDb to TMDB fallback in plex scanner (#2537) - (7c60a5c)

(radarr) Trigger search for existing monitored movies without files (#2391) - (55776ea)

(servarr) Increase default API timeout from 5000ms to 10000ms (#2442) - (b499976)

(sonarr) Use configured metadata provider for season filtering (#2516) - (5013d1d)

(watch-data) Use sentinel values to avoid invalid SQL syntax (#2552) - (947f70c)

(watchlist-sync) Correct permission typo for TV auto requests (#2488) - (e0e4b6f)

Preserve blocklist on media deletion & optimise watchlist-sync (#2478) - (9da8bb6)

🚜 Refactor

(tailwind) Replace deprecated tailwind utilities (#2542) - (f42a4ec)

📖 Documentation

(synology) Add installation guide via SynoCommunity (#2503) - (0e636a3)

(truenas) Update install/migration guide (#2491) - (dc1734d)

(unraid) Improve unraid migration guide (#2470) - (5e64d49)

Update Unraid install and migration guides with dual permission methods (#2532) - (a0d0eb1)

Add a warning in migration-guide for third party installation (#2527) - (7e9dff3)

Remove double quotes (") from DB_HOST environment variable (#2514) - (fa905be)

Add Unraid installation and migration guide (#2440) - (b6a9132)

Fix migration guide title (#2425) - (39ae32f)

⚡ Performance

Add missing indexes on all foreign key columns (#2461) - (c6bcfe0)

⚙️ Miscellaneous Tasks

(changelog) Fix changelog template (#2431) - (c2977f6)

(eslint) Add react/self-closing-comp (#2563) - (cd8b386)

(github) Add docs and maintenance issue templates (#2467) - (cf4883a)

(helm) Add GatewayAPI route support to helm chart (#2544) - (3a42f59)

(helm) Update ghcr.io/seerr-team/seerr ( 3.0.0 → 3.0.1 ) [skip-ci] (#2441) - (87fb0df)

(husky) Fixed husky commit message from bash/zsh syntax to sh syntax (#2572) - (a00c9e5)

(release) Prepare ${TAG_VERSION} - (94a70bb)

Updated the Contributing and Security guides to reflect our current practices (#2579) - (0d40a42)

Disable nextjs telemetry (#2517) - (cecdd63)

Update contributing guide regarding Automated AI Agent (#2518) - (880fbc9)

Remove discord notification from release (#2501) - (fba20c1)

Add create-tag workflow to streamline release process (#2493) - (06e5eb0)

Update concurrency logic (#2481) - (4939f13)

Add semantic-pr workflow to enforce conventional commits (#2472) - (5e57fdc)

New Contributors ❤️

@caillou made their first contribution

@Kenshin9977 made their first contribution

@MagicLegend made their first contribution

@wiiaam made their first contribution

@mjonkus made their first contribution

@nova-api made their first contribution

@mreid-tt made their first contribution

@DataBitz made their first contribution

@Hyperion2220 made their first contribution

@blassley made their first contribution

@JanKleine made their first contribution

@koiralasandesh made their first contribution