---
title: "TYPO3 14.3.5—What’s Changed?"
url: "https://b13.com/release-digests/v14/typo3-1435-whats-changed"
date: 2026-07-14
modified: 2026-07-14
lastUpdated: 2026-07-14
---

# TYPO3 14.3.5—What’s Changed?

TYPO3 14.3.5—What’s Changed?
=============================

Released: July 14, 2026
Update type: Security release

TYPO3 14.3.5 is a security release that addresses a critical file upload vulnerability by registering MimeTypeValidator at runtime. Additionally, this release includes improvements to the backend interface, better SVG handling, workspace preview enhancements, and various bug fixes for the scheduler, file abstraction layer, and form framework.

Security Fixes
--------------

- **File Upload Validation** — Registers MimeTypeValidator for file uploads at runtime to prevent potential security vulnerabilities through unvalidated file uploads.

Editing & UX Improvements
-----------------------------

- **Page Title Editing** — Returns focus to edit icon after completing page title editing for improved keyboard navigation.
- **Workspace Preview** — Hides workspace preview for non-previewable records and shows appropriate warnings for missing workspace or module access.
- **CKEditor Link Display** — Applies ellipsis to long URLs in CKEditor link toolbar for better readability.
- **Language Comparison** — Marks disabled pages in language comparison view for better content overview.
- **Content Element Labels** — Adds accessible labels to language flags in content element headers for improved accessibility.

Backend & Administration
----------------------------

- **Scheduler Task Rendering** — Renders scheduler task status and priorities consistently in both module interface and CLI, with improved bulk action handling.
- **System Information** — Introduces new status indicator component and fixes status color reading in system information display.
- **File Upload Interface** — Closes all dropzones after upload completion to prevent interface confusion.
- **Settings Management** — Allows adding entries to empty settings stringlists and properly uses form-check pattern for sync crop variants checkbox.
- **Error Display** — Enables expansion of AJAX error panels in maintenance tools for better debugging.

Technical Changes
-----------------

- **SVG Processing** — Sanitizes and sizes SVG files via dedicated SvgDocument classes for improved security and performance.
- **Guzzle Dependencies** — Updates guzzlehttp/\* dependencies to latest versions.
- **DataHandler Improvements** — Refines exceptions for root-level restrictions and considers all workspace-enabled tables for stage buttons.
- **Code Hardening** — Implements custom PHPStan rule to harden unserialize usage and updates PHPStan to v2.2.3.
- **Resource Overrides** — Allows new domain syntax for resourceOverrides configuration.
- **Form Framework** — Fixes parseFunc tag generation when callRecursive.tagStdWrap is used.

- [Download TYPO3 14](https://get.typo3.org/version/14)
- [Official release announcement](https://news.typo3.com/article/typo3-1435-and-13433-security-releases-published)
- [Full changelog](https://docs.typo3.org/c/typo3/cms-core/main/en-us/Changelog-14/Index.html)