TykTechnologies · JoanCamosTyk · Apr 9, 2026 · Apr 9, 2026 · Apr 9, 2026 · Apr 9, 2026
diff --git a/developer-support/release-notes/dashboard.mdx b/developer-support/release-notes/dashboard.mdx
@@ -1280,6 +1280,107 @@ Fixed an issue where the `/apis/streams/{apiID}` endpoint was expecting a `Conte
 
 ## 5.8 Release Notes
 
+### 5.8.13 Release Notes
+
+#### Release Date xx April 2026
+
+#### Release Highlights
+
+Tyk Dashboard has been updated to Go 1.25 and Debian 13 (Trixie) for enhanced security and performance, including updated FIPS-compliant images. This release also addresses multiple CVEs in dependent libraries.
+
+For a comprehensive list of changes, please refer to the detailed [changelog](#Changelog-v5.8.13).
+
+#### Breaking Changes
+
+There are no breaking changes in this release
+
+#### Dependencies
+
+##### Compatibility Matrix For Tyk Components
+
+| Gateway Version | Recommended Releases | Backwards Compatibility |
+| :---- | :---- | :---- |
+| 5.8.13   | MDCB v2.9.0     | MDCB v2.9.0 |
+|         | Operator v1.3.0 | Operator v0.17 |
+|         | Sync v2.1.6     | Sync v2.1.1 |
+|         | Helm Chart v5.1.0 | Helm all versions |
+|         | EDP v1.17.0     | EDP all versions |
+|         | Pump v1.14.0    | Pump all versions |
+|         | TIB (if using standalone) v1.7.0 | TIB all versions |
+
+##### 3rd Party Dependencies & Tools
+
+| Third Party Dependency                                       | Tested Versions        | Compatible Versions    | Comments | 
+| :------------------------------------------------------------ | :---------------------- | :---------------------- | :-------- | 
+| [Go](https://go.dev/dl/)                                     | 1.25  |  1.25  | [Go plugins](/api-management/plugins/golang) must be built using Go 1.24 | 
+| [Redis](https://redis.io/download/)  | 6.2.x, 7.x  | 6.2.x, 7.x  | Used by Tyk Gateway | 
+| [OpenAPI Specification](https://spec.openapis.org/oas/v3.0.3)| v3.0.x                 | v3.0.x                 | Supported by [Tyk OAS](/api-management/gateway-config-tyk-oas) |
+
+Given the potential time difference between your upgrade and the release of this version, we recommend users verify the ongoing support of third-party dependencies they install, as their status may have changed since the release.
+
+#### Deprecations
+
+No deprecations in this release.
+
+#### Upgrade instructions
+
+If you are upgrading to 5.8.13, please follow the detailed [upgrade instructions](#upgrading-tyk).
+
+#### Downloads
+
+- [Docker image to pull](https://hub.docker.com/r/tykio/tyk-dashboard/tags?page=&page_size=&ordering=&name=v5.8.13)
+  - ```bash
+    docker pull tykio/tyk-dashboard:v5.8.13
+    ``` 
+- Helm charts
+  - [tyk-charts v5.1.0](/developer-support/release-notes/helm-chart#5-1-0-release-notes)
+
+
+#### Changelog
+<a id="Changelog-v5.8.13" data-scroll-offset></a>
+
+##### Changed
+
+<AccordionGroup>
+
+<Accordion title='Updated Go version to 1.25'>
+The Tyk Dashboard has been updated to Golang 1.25, improving security by staying up-to-date with Go versions.
+</Accordion>
+
+<Accordion title='Update base images to Debian 13 (Trixie)'>
+Updated the base Docker images for Tyk Dashboard to Debian 13 (Trixie) to address multiple vulnerabilities in the underlying operating system.
+</Accordion>
+
+<Accordion title='Update FIPS images to Go 1.25 and Debian 13'>
+Updated the FIPS-compliant Docker images to use Go 1.25 and Debian 13 as the base image to ensure continued security and compliance.
+</Accordion>
+
+</AccordionGroup>
+
+##### Security Fixes
+
+<AccordionGroup>
+
+<Accordion title='CVE fixed'>
+Addressed the following CVEs, providing increased protection against security
+vulnerabilities, including, but not limited to:
+
+- <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-29063" target="_blank">CVE-2025-29063</a>
+- <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-15281" target="_blank">CVE-2025-15281</a>
+- <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-0861" target="_blank">CVE-2026-0861</a>
+- <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-0915" target="_blank">CVE-2026-0915</a>
+- <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-25679" target="_blank">CVE-2026-25679</a>
+- <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-32285" target="_blank">CVE-2026-32285</a>
+- <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-32286" target="_blank">CVE-2026-32286</a>
+- <a href="https://www.cvedetails.com/cve/CVE-2026-33186/" target="_blank">CVE-2026-33186</a>
+- <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-34986" target="_blank">CVE-2026-34986</a>
+
+</Accordion>
+
+</AccordionGroup>
+
+
+
 ### 5.8.12 Release Notes
 
 #### Release Date 11 March 2026

diff --git a/developer-support/release-notes/gateway.mdx b/developer-support/release-notes/gateway.mdx
@@ -1503,6 +1503,123 @@ Upgraded to use the latest upstream version of kin-openapi (v0.132.0). This ensu
 
 ## 5.8 Release Notes
 
+### 5.8.13 Release Notes
+
+#### Release Date xx April 2026
+
+#### Release Highlights
+
+Tyk Gateway has been updated to Go 1.25 and Debian 13 (Trixie) for enhanced security and performance, including updated FIPS-compliant images. This release addresses multiple CVEs in dependent libraries and resolves issues, including route priority logic in ValidateRequest middleware, unnecessary pod restarts during Redis outages, and certificate caching failures in data plane gateways during MDCB outages.
+
+For a comprehensive list of changes, please refer to the detailed [changelog](#Changelog-v5.8.13).
+
+#### Breaking Changes
+
+There are no breaking changes in this release
+
+#### Dependencies
+
+##### Compatibility Matrix For Tyk Components
+
+| Gateway Version | Recommended Releases | Backwards Compatibility |
+| :---- | :---- | :---- |
+| 5.8.13   | MDCB v2.9.0     | MDCB v2.9.0 |
+|         | Operator v1.3.0 | Operator v0.17 |
+|         | Sync v2.1.6    | Sync v2.1.1 |
+|         | Helm Chart v5.1.0 | Helm all versions |
+|         | Pump v1.14.0    | Pump all versions |
+
+##### 3rd Party Dependencies & Tools
+
+| Third Party Dependency                                       | Tested Versions        | Compatible Versions    | Comments | 
+| :------------------------------------------------------------ | :---------------------- | :---------------------- | :-------- | 
+| [Go](https://go.dev/dl/)                                     | 1.24  |  1.24  | [Go plugins](/api-management/plugins/golang) must be built using Go 1.24 | 
+| [Redis](https://redis.io/download/)  | 6.2.x, 7.x  | 6.2.x, 7.x  | Used by Tyk Gateway | 
+| [OpenAPI Specification](https://spec.openapis.org/oas/v3.0.3)| v3.0.x                 | v3.0.x                 | Supported by [Tyk OAS](/api-management/gateway-config-tyk-oas) |
+
+Given the potential time difference between your upgrade and the release of this version, we recommend users verify the ongoing support of third-party dependencies they install, as their status may have changed since the release.
+
+#### Deprecations
+
+No deprecations in this release.
+
+#### Upgrade instructions
+
+If you are upgrading to 5.8.13, please follow the detailed [upgrade instructions](#upgrading-tyk).
+
+#### Downloads
+
+- [Docker image to pull](https://hub.docker.com/r/tykio/tyk-gateway/tags?page=&page_size=&ordering=&name=v5.8.13)
+  - ```bash
+    docker pull tykio/tyk-gateway:v5.8.13
+    ``` 
+- Helm charts
+  - [tyk-charts v5.1.0](/developer-support/release-notes/helm-chart#5-1-0-release-notes)
+
+- [Source code tarball of Tyk Gateway v5.8.13](https://github.com/TykTechnologies/tyk/releases/tag/v5.8.13)
+
+#### Changelog
+<a id="Changelog-v5.8.13" data-scroll-offset></a>
+
+##### Changed
+
+<AccordionGroup>
+
+<Accordion title='Updated Go version to 1.25'>
+The Tyk Gateway has been updated to Golang 1.25, improving security by staying up-to-date with Go versions.
+</Accordion>
+
+<Accordion title='Update base images to Debian 13 (Trixie)'>
+Updated the base Docker images for Tyk Gateway to Debian 13 (Trixie) to address multiple vulnerabilities in the underlying operating system.
+</Accordion>
+
+<Accordion title='Update FIPS images to Go 1.25 and Debian 13'>
+Updated the FIPS-compliant Docker images to use Go 1.25 and Debian 13 as the base image to ensure continued security and compliance.
+</Accordion>
+
+</AccordionGroup>
+
+##### Fixed
+
+<AccordionGroup>
+
+<Accordion title='Fix route priority logic for ValidateRequest middleware'>
+Resolved an issue where parameterized paths could incorrectly take precedence over static paths when using the ValidateRequest middleware in Tyk OAS APIs. Static paths will now correctly bypass validation if not explicitly configured, restoring the expected routing behavior.
+</Accordion>
+
+<Accordion title='Prevented unnecessary Gateway pod restarts during Redis outages'>
+Resolved an issue where the Gateway's liveness health check endpoint (`/hello`) incorrectly returned a 503 Service Unavailable status during Redis downtime, causing Kubernetes to trigger `CrashLoopBackOff` and restart healthy Gateway pods unnecessarily.
+
+The Gateway now maintains healthy liveness probe responses during Redis outages, ensuring pod stability and service continuity.
+</Accordion>
+
+<Accordion title='Fixed certificate caching in data plane gateways during MDCB outages'>
+Resolved an issue where data plane gateways were not caching certificates in local Redis storage, preventing them from functioning when MDCB became unavailable. Gateways can now reliably serve HTTPS and handle client/upstream mTLS traffic even during MDCB outages.
+</Accordion>
+
+</AccordionGroup>
+
+##### Security Fixes
+
+<AccordionGroup>
+
+<Accordion title='CVE fixed'>
+Addressed the following CVEs, providing increased protection against security
+vulnerabilities, including, but not limited to:
+
+- <a href="https://nvd.nist.gov/vuln/detail/CVE-2025-15281" target="_blank">CVE-2025-15281</a>
+- <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-0861" target="_blank">CVE-2026-0861</a>
+- <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-0915" target="_blank">CVE-2026-0915</a>
+- <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-25679" target="_blank">CVE-2026-25679</a>
+- <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-32285" target="_blank">CVE-2026-32285</a>
+- <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-32286" target="_blank">CVE-2026-32286</a>
+- <a href="https://www.cvedetails.com/cve/CVE-2026-33186/" target="_blank">CVE-2026-33186</a>
+- <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-34986" target="_blank">CVE-2026-34986</a>
+
+</Accordion>
+
+</AccordionGroup>
+
 ### 5.8.12 Release Notes
 
 #### Release Date 11 March 2026

diff --git a/developer-support/release-notes/overview.mdx b/developer-support/release-notes/overview.mdx
@@ -11,7 +11,7 @@ export const releaseData = {
       "licensed": true,
       "latest": "5.12.0",
       "releaseNotesPath": "developer-support/release-notes/dashboard",
-      "lts": "5.8.12",
+      "lts": "5.8.13",
       "latestData": {
         "name": "5.12.0",
         "date": "06/03/2026",
@@ -74,7 +74,7 @@ export const releaseData = {
       "licensed": false,
       "latest": "5.12.0",
       "releaseNotesPath": "developer-support/release-notes/gateway",
-      "lts": "5.8.12",
+      "lts": "5.8.13",
       "latestData": {
         "name": "5.12.0",
         "date": "06/03/2026",