Self-Hosted Weekly: Week 25, 2026. Mastra npm Attack, Euro-Office Ships, Pangolin 1.19


Another week, another reminder that self-hosting is half about the software you run and half about the supply chain it rides in on. This week handed us a nasty npm compromise, a genuine European answer to Microsoft Office, a Pangolin release that quietly turns your browser into a remote desktop, and a Kubernetes freeze that sets up the rest of the year. Here's what mattered between June 12 and 19, with my take on each.

The week at a glance

Story                        Why it matters
Mastra npm attack            144 packages backdoored via a typosquat dependency
Euro-Office 1.0 ships        A sovereign, self-hostable office suite lands in Nextcloud Hub 26
Pangolin 1.19                Browser-based SSH, RDP and VNC with no client
Kubernetes v1.37             Enhancements freeze hits, KubeCon India wraps, 1.33 nears EOL
Docker Desktop June update   New AI tooling and an SSRF patch (CVE-2026-33990)
OpenProject 17.0.0           Major release plus a stored XSS fix
LeafWiki                     A lightweight, single-container Outline alternative
Caldera Music                A fresh self-hosted music player enters the field

1. The Mastra npm supply-chain attack

On June 17 an attacker compromised the @mastra npm organization and slipped easy-day-js, a typosquat of the popular dayjs library, into more than 140 packages across the Mastra AI framework. The dependency carried an obfuscated postinstall dropper that pulled a second-stage payload, harvested browser data and crypto wallet extensions, then deleted itself. Combined weekly downloads of the affected packages topped 1.1 million. Socket flagged the malicious version within six minutes, and Mastra force-published clean releases across 142 packages.

My take: Six minutes to detection is impressive. The root cause is depressingly familiar: a forgotten contributor account that still had publish rights to the whole scope. If you self-host anything built on the Mastra stack, pin your versions, audit your lockfiles, and turn off install scripts you don't need (npm config set ignore-scripts true for CI is a blunt but effective hammer). Supply-chain hygiene is now part of self-hosting, not a separate discipline.
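A concrete way to do the lockfile audit mentioned above, as an added example that is neither Mastra's nor Socket's tooling: it walks a package-lock.json (lockfile v2 or v3, where every installed package appears under "packages" keyed by its node_modules path) and reports any dependency on a blocklist, plus every package npm has marked with "hasInstallScript": true, which is the set that postinstall droppers hide in. The sample lockfile, the version numbers in it and the blocklist are constructed for the demo; the only real name in it is the easy-day-js typosquat from this week's story.

```python
"""Audit an npm lockfile for a blocklisted dependency and for install scripts.

Added example, not Mastra's or Socket's code. Assumes npm lockfile v2/v3
layout ("packages" map keyed by node_modules path) and npm's convention of
setting "hasInstallScript": true on entries whose package.json declares
preinstall/install/postinstall scripts.
"""
import json
import sys

# Constructed sample lockfile: a project that pulls in the easy-day-js typosquat
# named in the digest alongside the legitimate dayjs. Versions are made up.
SAMPLE_LOCKFILE = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "dependencies": {"dayjs": "^1.11.0"}},
        "node_modules/dayjs": {
            "version": "1.11.10",
            "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.10.tgz",
        },
        "node_modules/easy-day-js": {"version": "0.0.3", "hasInstallScript": True},
        "node_modules/node-gyp": {"version": "10.0.1", "hasInstallScript": True},
    },
})

# Constructed blocklist; in practice feed it the names from the advisory you act on.
BLOCKLIST = {"easy-day-js"}


def package_name(path: str) -> str:
    """Map a lockfile path to the package it installs.

    'node_modules/@scope/name' -> '@scope/name'
    'node_modules/a/node_modules/b' -> 'b' (nested dependency)
    """
    return path.split("node_modules/")[-1]


def audit_lockfile(text: str, blocklist=BLOCKLIST) -> dict:
    """Return {'blocklisted': [...], 'install_scripts': [...]} as name@version strings."""
    lock = json.loads(text)
    if lock.get("lockfileVersion", 1) < 2:
        raise ValueError("lockfile v1 has no 'packages' map; regenerate with npm >= 7")
    findings = {"blocklisted": [], "install_scripts": []}
    for path, entry in lock.get("packages", {}).items():
        if path == "":  # the root project itself
            continue
        name = package_name(path)
        version = entry.get("version", "?")
        if name in blocklist:
            findings["blocklisted"].append(f"{name}@{version}")
        if entry.get("hasInstallScript"):
            findings["install_scripts"].append(f"{name}@{version}")
    return findings


if __name__ == "__main__":
    # Usage: python audit_lockfile.py [path/to/package-lock.json]
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOCKFILE
    result = audit_lockfile(text)
    for kind, hits in result.items():
        print(f"{kind}: {', '.join(hits) or 'none'}")
    sys.exit(1 if result["blocklisted"] else 0)
```

The install-script list is the one to read carefully after you flip ignore-scripts on: entries like node-gyp legitimately need their scripts, so the useful workflow is to let CI fail on the blocklist, review the install-script list once, and allow-list the packages that earn it.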

2. Euro-Office 1.0 ships inside Nextcloud Hub 26

Euro-Office reached general availability on June 9 and is now bundled into Nextcloud Hub 26 Spring. Built on the OnlyOffice code base and distributed under AGPLv3, it offers four browser apps: documents, spreadsheets, presentations, and a PDF editor, all with collaborative editing. It positions itself as a sovereign alternative to Microsoft Office and Google Docs for businesses and public authorities, available alongside Collabora under the Nextcloud Office umbrella.

My take: The interesting part isn't the editor, it's the politics. European organizations want a document stack they actually control, and "self-hosted plus AGPL plus a real consortium behind it" is a stronger pitch than yet another web office clone. If you already run Nextcloud, this is a low-friction way to try a full office suite without sending a single file to a US cloud. You can spin up Nextcloud and a few hundred other open-source tools on Elestio's managed catalog if you'd rather not babysit the infrastructure.

3. Pangolin 1.19 puts remote desktops in the browser

Pangolin, the self-hosted tunneled reverse proxy that keeps eating Cloudflare Tunnel's lunch, shipped 1.19 with browser-based SSH, RDP, and VNC as first-class public resource protocols. After you authenticate, you start an interactive session straight in the browser: web terminals with password, key, or Pangolin identity auth, and full Windows desktops with clipboard and file transfer over RDP. No separate client, no VPN.

My take: This is the feature that turns Pangolin from "nice ingress tool" into "the thing you give contractors instead of a VPN." Identity-aware access plus no client install is exactly the friction reduction that gets security teams to say yes. With over a million deployments already, Pangolin is becoming the default answer for "how do I expose this safely."

4. Kubernetes v1.37 hits its freezes, KubeCon India wraps

The v1.37 cycle reached its Production Readiness Freeze on June 9 and 10 and its Enhancements Freeze on June 16 and 17, locking the feature set for the next release. KubeCon India ran June 18 and 19. One date to circle: Kubernetes 1.33 reaches end of life on June 28, so anyone still on it has a short runway.

My take: Nothing dramatic, which is the point. Kubernetes has settled into a predictable cadence, and predictable is good for the rest of us. If you run a cluster, the actionable item this week is the 1.33 EOL. Plan the upgrade now rather than discovering an unpatched CVE in July. Boring infrastructure is a feature.

5. Docker Desktop's June update tightens the AI surface

Docker Desktop's June release added MCP profile template cards and an onboarding tour, improved log filtering by Compose stack, and brought Model Runner support for Qwen3.5. It also patched CVE-2026-33990, a server-side request forgery in the Docker Model Runner OCI registry client, and fixed a Kubernetes startup bug tied to WSL cgroup v1 conflicts.

My take: The MCP and Model Runner features show where Docker thinks the puck is going: local AI tooling baked into the daily workflow. The SSRF patch is the part to act on. If you run Model Runner anywhere near untrusted input, update before you read the rest of this digest.

6. OpenProject 17.0.0 lands, with a security patch alongside

OpenProject pushed a major 17.0.0 release this month and, on the security side, patched a stored XSS regression in the Roadmap view where user-controlled project names were rendered without escaping. The fix shipped in 16.6.5 and 17.0.0, with X-Content-Type-Options: nosniff recommended as a mitigation. The project continues to lean into its role as a self-hosted Jira and Confluence alternative.

My take: Stored XSS in a field as mundane as a project name is a good reminder that self-hosted does not mean self-secured. Patch to 17.0.0, but also set the security headers at your reverse proxy so the next regression is contained by default. OpenProject is one of the cleanest Jira exits available, and it's on Elestio if you want it managed.
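Two defensive checks for the class of bug above, as an added example rather than OpenProject's own code: a toy template row rendered with and without escaping at the output boundary, and a function that reports which baseline security headers a response is missing. The hostile project name is constructed; X-Content-Type-Options: nosniff is the header the advisory names, and the other two entries in the baseline are my assumption of what a reverse proxy should add alongside it.

```python
"""Output escaping and a security-header check for a stored-XSS regression.

Added example, not OpenProject's code. The render functions stand in for a
server-side template; the header baseline beyond X-Content-Type-Options is
an assumed, reasonable default, not something the advisory specifies.
"""
from html import escape

# Constructed project name of the kind a stored-XSS regression mishandles.
HOSTILE_NAME = 'Roadmap <img src=x onerror="alert(1)">'


def render_row_unsafe(project_name: str) -> str:
    """The 'before': interpolates the stored name verbatim, so markup reaches the DOM."""
    return f'<td class="project">{project_name}</td>'


def render_row_safe(project_name: str) -> str:
    """The 'after': HTML-escape at the output boundary; quote=True also escapes quotes,
    which matters when the value ends up inside an attribute."""
    return f'<td class="project">{escape(project_name, quote=True)}</td>'


# Header name -> required value, or None if any non-empty value is acceptable.
RECOMMENDED_HEADERS = {
    "x-content-type-options": "nosniff",  # named in the advisory as a mitigation
    "content-security-policy": None,      # assumed baseline; a policy is better than none
    "x-frame-options": None,              # assumed baseline
}


def missing_security_headers(response_headers: dict) -> list:
    """Return the recommended headers that are absent or carry the wrong value.

    Header names are compared case-insensitively, as HTTP requires.
    """
    present = {k.lower(): v for k, v in response_headers.items()}
    missing = []
    for name, wanted in RECOMMENDED_HEADERS.items():
        value = present.get(name)
        if not value or (wanted is not None and value.strip().lower() != wanted):
            missing.append(name)
    return missing


if __name__ == "__main__":
    print(render_row_unsafe(HOSTILE_NAME))
    print(render_row_safe(HOSTILE_NAME))
    sample = {"Content-Type": "text/html", "X-Content-Type-Options": "nosniff"}
    print("missing:", missing_security_headers(sample))
```

The header check is the part to wire into a smoke test against your reverse proxy after each deploy; in nginx the advisory's header is one line, `add_header X-Content-Type-Options nosniff always;`, and it is cheaper to set once there than to wait for each application behind it to do it.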

7. LeafWiki, a lightweight Outline alternative

LeafWiki showed up in this month's self-hosted news as a simple wiki that positions itself against Outline. It uses file-based storage on SQLite, supports access modes, tags, and concurrent editing, and deploys with a single Docker container.

My take: Not every team needs a knowledge base with a Postgres cluster behind it. The "SQLite plus files plus one container" approach is perfect for small teams and homelabs who want a wiki they can back up by copying a folder. I like tools that know their scope and stay there.

8. Caldera Music, a new self-hosted player

Rounding out the week, Caldera Music landed as a new open-source, self-hosted music player. It joins an already crowded field next to Navidrome and friends, but a fresh take on the self-hosted streaming experience is always welcome.

My take: The self-hosted media space proves a simple thing: when setup gets easy enough and the clients get good enough, people will happily run their own. Caldera is one to keep an eye on rather than migrate to today, but competition here only helps listeners.

What we're watching next week

  • Kubernetes 1.33 EOL on June 28. Expect upgrade write-ups and the usual scramble.
  • Mastra cleanup fallout. Watch for downstream advisories as projects audit whether they pulled a poisoned version between publication and detection.
  • Euro-Office adoption signals. Will European public-sector pilots actually move, or is this another sovereignty announcement that stalls at the press release?
  • Postgres 19 beta progress. It's still cooking, and every beta cut is worth a look before the GA rush.

The bottom line

This week's theme was trust. The Mastra attack and the OpenProject and Docker patches all say the same thing: running your own software means owning your supply chain and your security headers, not just your data. The upside showed up too, with Euro-Office and Pangolin proving that self-hosted alternatives keep closing the gap on the convenience of the cloud. Pin your dependencies, patch your services, and enjoy the fact that the open-source world keeps shipping.

Thanks for reading ❤️ See you next Friday 👋