yarn ckeditor5 47.6.0

11 hours ago

We are excited to announce the release of CKEditor 5 v47.6.0.

Security update

A Cross-Site Scripting (XSS) vulnerability has been discovered in the General HTML Support feature (CVE-2026-28343). This vulnerability could be triggered by inserting specially crafted markup, leading to unauthorized JavaScript code execution if the editor instance used an unsafe General HTML Support configuration.

This vulnerability affects only installations where the editor configuration meets the following criteria:

You can read more details in the relevant security advisory and contact us if you have more questions.

Release highlights

This release introduces new list indentation capabilities and expands the customization options for CKEditor AI, giving integrators more control over the AI-powered editing experience.

⭐ CKEditor AI On-premises available

CKEditor AI is now available as an on-premises deployment, giving you full control over the AI service by running it on your infrastructure. The on-premises version supports everything the cloud option offers, plus:

  • Custom AI models and providers — use your models from OpenAI, Google Cloud, Microsoft Azure, or self-hosted solutions.
  • MCP (Model Context Protocol) support — extend the AI with custom external tools by connecting MCP servers, enabling use cases like searching internal knowledge bases or querying company databases directly from the AI chat.

Learn more about deployment options and MCP support.

⭐ Custom AI Review checks

The AI Review feature now supports custom review commands defined by integrators. Until now, the review was limited to built-in commands like proofreading, clarity, readability, and tone adjustment. With this release, you can create review commands tailored to your editorial guidelines, brand voice, or domain-specific quality standards.

Custom commands are registered via config.ai.review.extraCommands and made visible in the UI through config.ai.review.availableCommands. The same option lets you reorder, filter, or shorten the list of built-in commands to match your needs. See the documentation for details.

⭐ AI Chat Shortcuts

We are introducing AI Chat Shortcuts, a new opt-in plugin that displays configurable shortcut buttons in the AI Chat panel before the first message is sent. Shortcuts provide clear, actionable entry points that guide users toward the most useful AI capabilities, from launching a predefined prompt, to starting a specific review or translation flow, to navigating directly to the Review or Translate tab.

Integrators define shortcuts with a name, icon, and an action. Each shortcut can also configure which AI capabilities (model, web search, reasoning) are active for the prompt. Learn more in the documentation.

List indentation improvements

We're streamlining and standardizing the way list indentation is handled. With improved UX, it's now possible to indent whole lists and also individual list items with consistent styling and no custom implementation required.

This improvement is compatible with Paste from Office, Export to Word, Export to PDF, and Track Changes plugins. It also provides RTL support.

Upgrade @aws-sdk/client-bedrock-runtime to the latest version

We upgraded @aws-sdk/client-bedrock-runtime to the latest version to address a recently disclosed security vulnerability in the fast-xml-parser dependency. We marked this update as a minor breaking change due to the use of dynamic imports in one of the underlying packages, which may impact certain build environments.

Warning

Action is required only if you use the legacy CKEditor AI Assistant with a dedicated editor bundle.

If you use webpack to build an editor bundle, configure it to bundle dynamic imports eagerly:

module: {
  parser: {
    javascript: {
      dynamicImportMode: 'eager'
    }
  }
}

If you do not use CKEditor AI with a dedicated bundle, no action is required.

Incoming old installation methods sunset reminder

Please note that the old installation methods will only remain available up to CKEditor 5 v48.0.0, which is planned for release at the beginning of Q2 2026. For more timeline details, refer to the dedicated GitHub issue.

In CKEditor 5 v42.0.0 in June 2024, we introduced new installation methods designed to improve and simplify the developer workflow. Soon, they will be the only available paths to install and use CKEditor 5.

If your project still relies on old installation methods, now is a good time to plan your next steps. We recommend choosing between these two options:

  1. Migrate to the new installation methods, which are the recommended path for most users. The new installation methods provide a cleaner setup, easier upgrades, and better alignment with future CKEditor 5 releases.
  2. Consider CKEditor 5 Long-Term Support (LTS). If migrating in the near term is not feasible, you can extend support for legacy installation methods.

MINOR BREAKING CHANGES ℹ️

  • ai: Simplified the default greeting message shown when starting a new AI Chat conversation. To restore the previous message content, set config.ai.chat.welcomeMessage to the following:

    "Hi, I'm your AI assistant. Think of me as your writing buddy, reviewer, or research partner. I can suggest changes to your document, help generate ideas, offer feedback, discuss attached files, and much more!"

  • ai: Updated @aws-sdk/client-bedrock-runtime to version 3.994.0. This update introduced dynamic imports in a dependency, which may affect some build environments.

Features

  • ai: Added the config.ai.review.availableCommands configuration option to customize which review commands are shown in the AI Review tab.

  • ai: Introduced the AIChatShortcuts plugin, which displays configurable shortcuts in the AI Chat feed when starting a new conversation.

  • ai: Added support for custom AI Review commands. Custom commands can now be configured using config.ai.review.extraCommands.

  • export-pdf: Added the enable_mirror_margins option to the V2 PDF export converter API, allowing margins to alternate between odd and even pages for double-sided layouts.

  • html-support: Added support for the [sandbox] attribute on <iframe> elements rendered in the editing view. Filtering rules can be adjusted using the htmlSupport.htmlIframeSandbox configuration option.

  • indent: Added list indentation integration to the IndentBlock feature (enabled by default). Closes #19490.

    Added commands for whole-list indentation (indentBlockList and outdentBlockList) and list-item indentation (indentBlockListItem and outdentBlockListItem). Indentation can be rendered using margin-left/margin-right styles (offset-based) or CSS classes (class-based).

  • list: Added support for the arabic-indic list style type in the list properties plugin. Closes #19802.

Bug fixes

  • ai: Fixed an issue where using DLLs for the AI package together with the TrackChanges plugin could fail due to a SuggestionConversion plugin conflict.
  • ai: Fixed an issue where AI Quick Actions content overflowed in the preview window.
  • ai: Starting or loading an AI chat conversation no longer closes unrelated open dialogs in the editor.
  • ai: Displayed the Selected content label instead of "" when the Ask AI action is used on selections that include non-text content, such as an image without a caption.
  • ai: Displayed text from all selected table cells in the chat context pill after using Ask AI on a selection inside a table.
  • ai: AI Review and AI Translate no longer throw errors when users click "Stop generating" after some changes have already been generated.
  • engine: Treated the [srcdoc] attribute of <iframe> elements as unsafe and sanitized it in the editing pipeline. Restricted the [src] attribute of <iframe> elements to disallow javascript: and data: URLs containing whitespace characters.
  • link: Added support for defining multiple manual link decorators that operate on the same attributes. If an automatic decorator conflicts with a manual one, only the manual one is used. Closes #19695.
  • table: Improved accessibility by reflecting table captions in the figure element aria-labelledby attribute. This change improves screen reader labeling for tables. Closes #15979.
  • table: Preserved the <figure> wrapper on content tables when table.tableLayout.stripFigureFromContentTable is set to false and the layout tables plugin is enabled. Closes #19771.
  • track-changes: Fixed an issue causing plugin conflicts when using the TrackChanges DLL together with certain features, such as AI.
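
The engine fix above concerns [srcdoc] and whitespace inside javascript: and data: URLs in an <iframe> [src]. The following is an added example, not CKEditor 5 code, showing why a plain prefix match is not enough: the WHATWG URL parser strips tabs and newlines before it reads the scheme, so a filter must normalize the same way. All function names are hypothetical, and the check blocks both schemes with or without embedded whitespace.

```javascript
// Added example: not CKEditor 5 source code. All names here are hypothetical.

// Schemes that must never reach an <iframe src> in the editing view.
const BLOCKED_SCHEMES = new Set(['javascript', 'data']);

// Naive check shown for contrast: it only matches the literal prefix.
function naiveIsUnsafe(value) {
  return /^(javascript|data):/i.test(value);
}

// Mirror what the WHATWG URL parser does before it looks for a scheme:
// trim leading/trailing C0 control characters and spaces, then drop every
// ASCII tab and newline wherever it appears.
function normalizeForSchemeCheck(value) {
  return String(value)
    .replace(/^[\u0000-\u0020]+|[\u0000-\u0020]+$/g, '')
    .replace(/[\t\n\r]/g, '');
}

// Returns the lowercase scheme, or null for relative / scheme-less values.
function extractScheme(value) {
  const match = /^([a-zA-Z][a-zA-Z0-9+.-]*):/.exec(normalizeForSchemeCheck(value));
  return match ? match[1].toLowerCase() : null;
}

function isUnsafeIframeSrc(value) {
  const scheme = extractScheme(value);
  return scheme !== null && BLOCKED_SCHEMES.has(scheme);
}

// Filter <iframe> attributes; srcdoc is always dropped (it embeds a whole HTML document).
function sanitizeIframeAttributes(attributes) {
  const kept = {};
  const removed = [];
  for (const [name, value] of Object.entries(attributes)) {
    const key = name.toLowerCase();
    if (key === 'srcdoc' || (key === 'src' && isUnsafeIframeSrc(value))) {
      removed.push(key);
    } else {
      kept[key] = value;
    }
  }
  return { kept, removed };
}

// Constructed sample attributes (inert placeholder values).
console.log(sanitizeIframeAttributes({
  src: 'java\tscript:void(0)', srcdoc: '<p>placeholder</p>', width: '300'
}));
```

The naive prefix test lets the tab-split value through, while the normalized check removes it; the same comparison is useful as a regression test for any custom sanitizer that sits in front of the editor.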

Other changes

  • ai: Added the config.ai.chat.welcomeMessage configuration option to customize the greeting message shown in the AI Chat feed when starting a new conversation.
  • Updated translations.

Released packages

Check out the Versioning policy guide for more information.

Released packages (summary)

Minor releases (contain minor breaking changes):

Releases containing new features:

Other releases:
