TYPO3 13.4.26—What’s Changed?

Released: February 20, 2026
Update type: Bugfix and maintenance release

TYPO3 13.4.26 is a maintenance release that improves Content Security Policy handling, fixes several backend usability issues, and updates dependencies including firebase/php-jwt to version 7.0. This release also includes ImageMagick 7 compatibility improvements and various accessibility enhancements.

Security Fixes

No security fixes in this release.

Editing & UX Improvements

  • CKEditor regexp replace support — Capturing regexp replace patterns now work correctly in CKEditor 5.
  • PageLinkHandler preservation — Fixed issue where PageLinkHandler links were lost when re-linking content.
  • Record list label encoding — Removed double encoding of field labels in the record list module.

Backend & Administration

  • CSP reports table — The Content Security Policy reports database table is now properly listed as flushable.
  • Maintenance module styling — Added missing margin for active languages in the maintenance module.
  • Dialog accessibility — Added proper spacing for dialog close button labels and improved page title edit icon accessibility.
  • User permissions fix — Fixed removeSysRedirectPermission wiping all user permissions instead of just redirect permissions.
  • Language attributes — English-only content is now properly marked with the correct lang attribute for better accessibility.

Technical Changes

  • firebase/php-jwt upgrade — Updated to version 7.0 with support for ^6.10.2||^7.0.2.
  • ImageMagick 7 compatibility — Improved compatibility with ImageMagick 7 image processing.
  • Package activation optimization — Runtime caches are no longer flushed when activating packages, improving performance.
  • FlexForm language support — Enabled TCA type language for FlexForms.
  • FilesProcessor enhancement — Added stdwrap support for folders.recursive in FilesProcessor.
  • Field value context parameters — Added context parameters for post-processing field values.