Pi-hole has released version 2026.02.0, addressing two security vulnerabilities in the web interface alongside a batch of performance improvements targeting everything from startup speed to gravity update times. Users are encouraged to export their configuration via the Teleporter tool before updating with pihole -up, and the release is also available on Docker tagged as 2026.02.0.
The two patched security advisories affect the web interface and were fixed in commits d328f14 and 1a0c6f4. On the performance side, FTL v6.5 now imports historical query data from the database asynchronously on startup, meaning DNS resolution begins immediately rather than waiting for the full query history to load into memory. A new database.forceDisk option also allows FTL's in-memory SQLite3 database to be moved to disk, which can meaningfully reduce RAM usage on resource-constrained hardware like older Raspberry Pi models.
Gravity updates also got faster. Several optimizations to the domain validation loop in pihole -g reduced update time from roughly 27 seconds to about 23 seconds across a test set of five million domains, a 16% drop in real time and 22% reduction in CPU time. Improvements include a lookup table for domain character validation, short-circuit logic for IP address testing, and moving the unicode BOM check from per-line to per-file. Other changes in this release include an updated embedded dnsmasq to 2.92rc1, SQLite3 bumped to 3.51.2, Lua upgraded to 5.5, and a hardened default Content Security Policy.
The full changelogs for FTL v6.5, Web v6.4.1, and Core v6.4 are available on GitHub. Pi-hole remains free and open source.
