We’ve just released version 2.6.0. This update includes a small but important fix for a potential object injection vulnerability in the
SessionCookie class. We encourage you to update your applications as soon as possible. This update also includes several other improvements. You can read more on the GitHub release page.