RATATOSKRATATOSK
Sign in

Releases

AI-analyzed release notes for CNCF graduated and incubating projects.

May 2026Clear ×

Confidential Containers

SecurityMay 29, 2026

Confidential Containers v0.21.0 patches a moderate guest-components security advisory (GHSA-84rc-2q4r-45pc) and formally advances four deprecations toward removal in v0.22, while bundling Kata 3.31.0, Trustee 0.20.0, and several Trustee/KBS capability additions including gRPC plugins and centralized storage.

  • securityPatch guest-components security advisory GHSA-84rc-2q4r-45pc

    GHSA-84rc-2q4r-45pc is a moderate-severity vulnerability in guest-components. Upgrade to v0.21.0 to receive the patch.

  • breakingCAA docker provider scheduled for removal in v0.22

    The CAA docker provider, deprecated since v0.20, will be removed in v0.22. Migrate to an alternative provider before the next release.

  • breakingFedora-based mkosi-built CAA podvm image scheduled for removal in v0.22

    The Fedora-based mkosi-built CAA podvm image, deprecated since v0.20, will be removed in v0.22. Switch to an alternative image build method.

  • breakingPacker-built CAA podvm image scheduled for removal in v0.22

    The packer-built CAA podvm image, deprecated since v0.17, will be removed in v0.22. Update your podvm image build configuration.

  • breakingCAA csi-wrapper component scheduled for removal in v0.22

    The CAA csi-wrapper component is deprecated and will be removed in v0.22. Plan to remove or replace this component in your deployment.

Key changes (5)
  • Security fix: guest-components advisory GHSA-84rc-2q4r-45pc patched
  • Four deprecations advancing to removal in v0.22: CAA docker provider, Fedora-based mkosi-built CAA podvm image, packer-built CAA podvm image, CAA csi-wrapper
  • Kata Containers updated to 3.31.0; Trustee and guest-components to 0.20.0 with KBS protocol v0.4.0
  • KBS adds resource deletion support on some storage backends; Trustee gains gRPC plugin interface and centralized storage backend
  • TPM verifier reports AK as TCB claim; Trustee improves TLS, TDX, SE support and multi-device attestation; RVPS adds basic CoRIM support; Attestation Agent better reports supported TEEs
Source

Kubescape

SecurityMay 29, 2026

Kubescape v4.0.9 is a large maintenance release fixing scan accuracy bugs (partial resource collection, coverage reporting, Prometheus output), hardening data exposure in scan reports, and changing the patch command's default push behavior.

  • securityReview secret exposure fixes and new anonymization flag

    Multiple fixes landed for secret/data leakage in scan output: EnvFrom and Env[].ValueFrom are now cleared in removeContainersData (commits acc3280, 0c68cca), an IDOR in /v1/results was hardened (commit 0fe6a0f), and a new --hide/anonymization pipeline was added to scrub resource names, namespaces, labels, annotations, and container metadata from scan reports. If you share or export Kubescape reports outside your team, review the new --hide flag and confirm your CI artifacts aren't exposing secret references from container env vars.

  • breakingPatch command no longer pushes images by default

    Kubescape's `kubescape fix` command now defaults to not pushing patched images (commit b10cbb1). If your CI pipelines relied on the old default push behavior, add an explicit `--push` flag or equivalent opt-in, or your patch pipeline will silently stop pushing images after upgrading.

  • enhancementAdopt new coverage-gate and diff commands in CI

    New flags let you gate CI pipelines on scan coverage and control results: --fail-coverage-below sets a minimum coverage threshold (commit 4ae7b87), and scan coverage gaps/not-evaluated controls are now reported explicitly (commit 5876d2b). A new `kubescape diff` command compares two scan reports (commit 00682ee). Add --fail-coverage-below to CI gates where partial resource collection could previously pass silently, and use `kubescape diff` to track posture drift between scans.

Key changes (6)
  • Partial GVR (resource type) collection failures are now surfaced instead of silently suppressed, and ScanCoverage reflects failed/not-evaluated controls
  • New --fail-coverage-below flag and kubescape diff command for CI coverage gating and report comparison
  • New --hide flag and anonymization pipeline scrub resource names, namespaces, labels, annotations, and container metadata from output
  • fix command now requires explicit opt-in to push images (previously pushed by default)
  • Multiple Prometheus output fixes: missing HELP/TYPE headers added, score/metrics writes routed to correct writer, duplicate headers deduplicated
  • K8s resource collection parallelized for performance, and a TOCTOU race in TimedCache was fixed
Source

Cloud Custodian

SecurityMay 28, 2026

0.9.51.0 is a broad feature release adding new AWS AI/ML and agent resources, fixing a breaking iam-access-key schema change, and significantly expanding GCP label management coverage across ~15 resource types.

  • breakingRemove json-diff filter from iam-access-key policies before upgrading

    The `json-diff` filter has been removed from `aws.iam-access-key`. Any policies using this filter will fail at runtime. Audit your policy files for `iam-access-key` resources before upgrading and remove or replace any `json-diff` filter references.

  • enhancementAdopt new cross-account org path support for IAM policy checks

    AWS cross-account policy evaluation now supports `aws:PrincipalOrgPaths` and whitelisted accounts. If you run cross-account governance policies, review this new support — it may let you replace custom workarounds you've built for org-path-based principal checks.

  • enhancementExtend GCP label compliance policies to cover newly supported resource types

    GCP label coverage has expanded significantly: Cloud Run services/jobs, Pub/Sub topics/subscriptions, Redis, Secrets Manager secrets, snapshots, DNS managed zones, interconnects, load balancer addresses and forwarding rules, and Cloud Functions all now support `set-labels` and `mark-for-op`. If you run GCP tagging compliance policies, this release lets you extend label enforcement to most of these resource types without workarounds. Update your GCP policies to cover the newly supported resources.

Key changes (5)
  • Breaking: `json-diff` filter removed from `aws.iam-access-key` — policies using it will error on upgrade
  • New AWS resources: `bedrock-foundation-model`, `bedrock-guardrail`, and `devops-agent-space` added; Bedrock inference profiles gain a `metrics` filter
  • AWS EKS gets `addon` and `metrics` (container insights) filters; RDS gains `recommendations` filter; unused RDS parameter group filter added for both `rds-param-group` and `rds-cluster-param-group`
  • EC2 and Lambda now have `iam-role` and `iam-role-tag-mirror` filters, fixing a previous resource/role attribute mismatch
  • GCP label actions (`set-labels`, `mark-for-op`) added to ~15 resource types including Cloud Run, Pub/Sub, Redis, Secrets, DNS, and interconnects; new resources added for Firestore, NCC spoke, Redis cluster, and Vertex AI Model Garden
Source

SPIRE

SecurityMay 28, 2026

SPIRE v1.15.1 fixes a node attestation forgery vulnerability in the azure_imds plugin; anyone using Azure IMDS attestation should patch now.

Key changes (3)
  • Fixed a security issue in the azure_imds server node attestor plugin
  • Updated golang.org/x/net to v0.55.0
  • Updated golang.org/x/crypto to v0.52.0
Source

SPIRE

SecurityMay 28, 2026

v1.14.7 patches a critical azure_imds node attestor vulnerability that allowed forged VM identity during node attestation. Mandatory upgrade for any Azure IMDS users.

  • securityUpgrade immediately if using azure_imds node attestor

    The azure_imds node attestor had a certificate validation bug: it anchored the PKCS7 certificate bag's first cert to Azure roots, but verified the signature against a separate signer cert from SignerInfo. An attacker could slip a real Azure cert into the bag alongside content signed by an unrelated cert, getting a forged node attestation accepted. If you use Azure IMDS node attestation, treat this as a mandatory upgrade — an attacker with network access could impersonate arbitrary Azure VMs during node attestation.

  • enhancementDependency updates bundled in this release

    golang.org/x/net, golang.org/x/crypto, and go-jose/v4 are all updated alongside Go 1.26.3 toolchain. These dependency updates are routine but include security fixes in the upstream packages. No action needed beyond upgrading SPIRE.

Key changes (4)
  • Critical fix in azure_imds server node attestor: PKCS7 certificate chain validation was decoupled from signature verification, enabling forged node attestation
  • Go toolchain updated to 1.26.3
  • golang.org/x/net bumped to v0.55.0, golang.org/x/crypto to v0.52.0
  • go-jose/v4 updated to v4.1.4
Source

OpenFGA

SecurityMay 28, 2026

OpenFGA v1.16.1 is a bug-fix and security patch release, mainly hardening the experimental weighted_graph_check algorithm and updating grpc-health-probe for Go std lib CVEs.{}}}}} ,

Key changes (5)
  • CI workflow runs now cancel-in-progress via concurrency.group for PR workflows, cutting wasted CI runner time
  • Fixed weighted_graph_check incorrectly falling back to the standard algorithm on deadline/cancellation/throttle-timeout errors instead of returning them directly
  • Fixed weighted_graph_check emitting metrics under the wrong method label when run as the primary algorithm
  • Fixed a weight2 strategy bug in weighted_graph_check that could return false denies when contextual tuples were present, due to a broken sort assumption in the pruning optimization
  • Bumped grpc-health-probe to v0.4.50 to pick up Go std lib CVE fixes
Source

Open Policy Agent (OPA)

SecurityMay 28, 2026

OPA v1.17.0 fixes a semantic bug in negation handling and improves decision log label reporting. Most changes are enhancements; one dependency removal requires manual GOMAXPROCS configuration in some environments.

  • breakingRemoved automaxprocs and x/net dependencies; configure GOMAXPROCS manually if needed

    OPA v1.17.0 removes the automaxprocs and x/net dependencies, reducing the runtime footprint and eliminating potential conflicts with applications that also manage those libraries. No action is required unless your deployment explicitly depends on automaxprocs behavior (automatic CPU detection and GOMAXPROCS tuning). If you rely on that behavior, you may need to configure GOMAXPROCS explicitly in your environment or deployment. Most users will see no impact.

  • enhancementImport future.keywords.not to fix negation semantics in composite expressions

    OPA v1.17.0 introduces a new `future.keywords.not` import that fixes a long-standing semantic bug where negation of composite expressions (`not f(g(input.x))`) would fail silently if any intermediate value was undefined, instead of correctly succeeding. With the import enabled, undefined intermediates no longer cause rule failure. If your policies rely on negation of complex expressions where inputs or function results might be undefined, import `future.keywords.not` to fix unintuitive failures. This is a behavioral change that may affect policy evaluation, but in the direction of correctness.

  • enhancementUpdate decision log parsing for new rule_labels array format

    Decision logs now include a new top-level `rule_labels` array that collects labels from all successfully evaluated rules in a single entry, with inner-scope-wins precedence (rule > document > package > subpackages). This replaces the previous behavior of one log entry per label-contributing scope. If you parse or query decision logs by rule labels, update your log parsing logic to read from `rule_labels` as an array of merged label maps rather than individual scope-level entries. This change simplifies label aggregation and is now processed by default in both runtime and Go SDK.

Key changes (5)
  • New `future.keywords.not` import fixes unintuitive failures when negating composite expressions with undefined intermediates.
  • Decision logs now include `rule_labels` array with merged labels from all successfully evaluated rules.
  • Bundle manifest and IR plan JSON schemas are now published for validation and tooling integration.
  • Removed automaxprocs and x/net dependencies to reduce runtime footprint.
  • Pattern validation enabled in `json.verify_schema` and `json.match_schema` builtin functions.
Source

Falco

SecurityMay 26, 2026

Falco 0.44.0 drops three long-deprecated features (gRPC output, gVisor engine, legacy BPF probe) and adds expressive rule engine improvements. Deployments using any of these must migrate before upgrading.

  • securityfalco-webui restricted to local access — check external tooling

    The falco-webui Docker service now restricts access to localhost only. If you had it exposed on a broader interface, that changes on upgrade. This is a net positive for most deployments, but verify any tooling or dashboards that reached the webui over the network still work after the upgrade.

  • breakingThree features dropped — check your config before upgrading

    Three major removals land in this release: gRPC output/server, gVisor engine, and the legacy BPF probe. If you rely on gRPC-based output consumers, you need an alternative output path (e.g., JSON over HTTP, or a sidecar) before upgrading. gVisor users must switch to a supported engine. Legacy BPF users should move to the modern eBPF probe. Audit your current config for any of these before touching 0.44.0 in production.

  • enhancementRicher rule syntax — review custom rules for validation errors

    The rule engine now supports oneof/allof/anyof string comparator modifiers, and rules can use list transformer exceptions. These let you write tighter, more expressive detection rules without duplicating conditions. If you maintain custom rules, review whether these can replace existing workarounds. Also, Falco now validates unknown keys in rules — so rule files with typos or unsupported fields will produce warnings or errors instead of silently being ignored.

Key changes (7)
  • gRPC output/server support removed — migrate output consumers before upgrading
  • gVisor engine support removed — move to a supported engine if applicable
  • Legacy BPF probe removed — switch to modern eBPF probe
  • New string comparator modifiers (oneof/allof/anyof) in the rule engine
  • Unknown-key validation in rules: malformed rules now surface errors
  • falco-webui Docker service restricted to localhost access only
  • capture_events and capture_filesize stop conditions added for capture files
Source

OpenFGA

SecurityMay 20, 2026

v1.16.0 patches a critical OIDC token rejection bug after key rotation, fixes two correctness bugs in experimental weighted_graph_check, and updates Go to address stdlib CVEs.

  • securityUpdate immediately if using OIDC auth or any Go stdlib CVEs apply

    Two separate security concerns here. First, the OIDC JWKS refresh fix means deployments that rotate issuer keys were silently rejecting valid tokens — if you've seen 401s after a key rotation, this is why. Second, the Go 1.24.3 update patches stdlib vulnerabilities; review the Go 1.24.3 release notes to assess exposure. Upgrade to v1.16.0 promptly in both cases.

  • breakingweighted_graph_check users: validate results after upgrading

    Two correctness bugs were fixed in the experimental weighted_graph_check feature. Cache key collisions and false-negative caching from cancelled goroutines mean prior versions could return incorrect 'false' results. If you're running this in any meaningful capacity, run a validation pass against known-good authorization scenarios after upgrading to confirm behavior is now correct.

  • enhancementConfigure PingTimeout to catch datastore connectivity issues faster

    The new PingTimeout and PingRetryMaxElapsedTime config options give you explicit control over how long OpenFGA waits to confirm datastore connectivity at startup and during health checks. Set these to values aligned with your SLOs — tighter timeouts surface infrastructure problems earlier instead of letting the server spin up against a degraded datastore.

Key changes (5)
  • OIDC authentication now refreshes JWKS on unknown 'kid', fixing valid token rejections after issuer key rotation (rate-limited to once per minute)
  • Go toolchain updated to 1.24.3 to address Go standard library security vulnerabilities
  • Fixed two bugs in experimental weighted_graph_check: cache key collisions in union resolution and false negatives from cancelled in-flight goroutines
  • weighted_graph_check now falls back to the standard algorithm instead of erroring when v2Check fails
  • New datastore ping timeout configs: PingTimeout and PingRetryMaxElapsedTime for better connection health control
Source

SPIRE

SecurityMay 19, 2026

SPIRE v1.15.0 adds HashiCorp Vault key management, rootless Podman support, and PROXY protocol rate limiting, while promoting sigstore attestation out of experimental. One CLI JSON output change requires attention before upgrading.

  • breakingAudit CLI JSON consumers before upgrading

    The CLI no longer wraps objects in slices when printing JSON output. Any scripts, pipelines, or tools that parse SPIRE CLI JSON output will likely break — they expected arrays and will now get single objects. Audit all automation that calls spire-server or spire-agent CLI with JSON output flags before rolling this out. Test in a non-production environment first.

  • breakingUpdate metric dashboards for 'bootstrapped' label rename

    The metric label 'bootstraped' (one 'p') was corrected to 'bootstrapped'. Any Prometheus queries, Grafana dashboards, or alerting rules referencing the old misspelled label will silently stop matching after upgrade. Find and update all references before deploying v1.15.0.

  • enhancementMigrate to HashiCorp Vault Key Manager if your org already runs Vault

    If your team already operates HashiCorp Vault, the new Vault Key Manager plugin lets you consolidate key storage there instead of managing a separate AWS KMS or Azure Key Vault setup. This is particularly useful for on-prem or multi-cloud deployments where cloud-native KMS options are awkward. Review the plugin configuration docs and plan a key migration window — existing keys in other backends won't auto-migrate.

  • enhancementPromote sigstore attestation to production workloads

    Sigstore-based attestation in both the k8s and docker attestors is now stable. If you've been holding off due to the experimental flag, this is the release to enable it for production. Verify your signing workflows are compatible and enable the feature in staging first to confirm selector behavior matches expectations.

Key changes (6)
  • HashiCorp Vault Key Manager plugin added — new option for key storage alongside existing AWS KMS and Azure Key Vault backends
  • CLI JSON output breaking change: objects are no longer wrapped in slices, which will break any tooling parsing the current format
  • sigstore support in k8s and docker attestors is now stable (out of experimental) — safe to use in production
  • Docker workload attestor now handles rootless Podman, expanding coverage for non-root container runtimes
  • GCP IIT node attestor no longer requires 'use_instance_metadata: true' to get service account email — simplifies GCP configs
  • Metric label typo fixed: 'bootstraped' renamed to 'bootstrapped' — update any dashboards or alerts using this label
Source

Keycloak

SecurityMay 19, 2026

Keycloak 26.6.2 is a security-heavy patch release addressing 16 CVEs spanning session fixation, XSS, access control bypass, redirect URI validation, and cryptographic weaknesses. Upgrade immediately.

  • securityUpgrade immediately — multiple account takeover and data leakage CVEs

    This release patches session fixation (CVE-2026-7507) enabling account takeover, redirect URI bypass (CVE-2026-7504), access token disclosure (CVE-2026-7571), stored XSS in org templates (CVE-2026-37980), and PII enumeration via account resource lookup (CVE-2026-37981). These are not theoretical — they affect standard OIDC flows and admin APIs. Any Keycloak 26.x deployment should be upgraded to 26.6.2 without delay. Check your change management process, but treat this as an emergency patch.

  • securityFreeMarker RCE risk — audit custom login themes before upgrading

    CVE tracked under #47915 allowed FreeMarker templates to instantiate arbitrary Java objects and execute OS commands. If you have custom login themes that accept any user-influenced input in FTL files, audit them now. The fix adds proper expression escaping in JS blocks within FTL pages. After upgrading, test your custom themes to ensure the new escaping doesn't break existing behavior — especially in frontchannel-logout.ftl.

  • securityWebAuthn AAGUID policy bypass — re-verify authenticator enrollment policies

    CVE-2026-6856 allowed packed self-attestation to bypass AAGUID allowlist policies during WebAuthn registration. If you rely on AAGUID restrictions to enforce specific authenticator hardware (e.g., FIDO2 security keys in regulated environments), credentials may have been enrolled that violate your policy. After upgrading, review recently enrolled WebAuthn credentials and consider requiring re-enrollment if strict hardware attestation is a compliance requirement.

Key changes (5)
  • 16 CVEs patched including critical issues: session fixation in OIDC flow (account takeover), redirect URI validation bypass, access token disclosure via forged client data, and stored XSS in organization template
  • WebAuthn AAGUID policy bypass via packed self-attestation fixed — attestation enforcement was not reliable before this patch
  • OIDC introspection endpoint now enforces audience restrictions, preventing claim leakage from lightweight access tokens
  • FreeMarker templates hardened against object instantiation and OS command execution — a serious RCE-class vulnerability in login UI
  • JDBC_PING cluster discovery updated to not break under 26.7 schema changes, easing rolling upgrades
Source

Kyverno

SecurityMay 18, 2026

Kyverno v1.18.1 is a targeted patch fixing two regressions in generate and mutate-existing policies introduced in v1.18.0.

  • breakingUpgrade immediately if you use generate policies on cluster-scoped resources

    If you upgraded to v1.18.0 and have GeneratingPolicy rules targeting cluster-scoped resources (ClusterRoles, Namespaces, CRDs, etc.), generation was silently broken. v1.18.1 restores correct behavior. Validate that expected resources were actually generated after upgrading — anything that should have been generated during the v1.18.0 window may need manual remediation or a policy re-trigger.

  • breakingMutate-existing policies on v1.18.0 may have produced incorrect results

    The AdmissionRequest context was not being forwarded to UpdateRequests in mutate-existing policies. This means any rule relying on request context (user info, object, oldObject) for conditional logic or patches would have behaved incorrectly. Audit mutations applied while running v1.18.0 and verify affected resources are in the expected state after upgrading to v1.18.1.

  • enhancementTreat v1.18.0 as effectively broken for generate and mutate-existing users

    Both fixes were cherry-picked from main, meaning v1.18.0 should be skipped entirely if you rely on either feature. Skip straight to v1.18.1. If you are still on v1.17.x and evaluating the v1.18 line, start your testing against v1.18.1 instead.

Key changes (3)
  • Fixed cluster-scoped resource generation in GeneratingPolicy, which was broken in v1.18.0
  • Fixed AdmissionRequest not being passed to UpdateRequests for mutate-existing policies, causing incorrect or missing mutations
  • No new features or API changes — pure bug fixes only
Source

The Update Framework (TUF)

SecurityMay 18, 2026

v7.0.0 fixes a Windows-specific security vulnerability in delegation path matching and tightens the ngclient API with one breaking constructor change.

  • securityPatch Windows deployments immediately for GHSA-qp9x-wp8f-qgjj

    Delegation path matching was broken on Windows, meaning a malicious or misconfigured repository could match targets it shouldn't. If any of your TUF clients run on Windows, upgrade to v7.0.0 now. Linux/macOS deployments are unaffected, but upgrading is still the right move before paths diverge further.

  • breakingUpdate all Updater() call sites to use the named bootstrap argument

    The Updater() constructor signature changed: 'bootstrap' is now a required keyword argument. Any code calling Updater() without explicitly passing 'bootstrap' will break. Audit your code for Updater instantiations — if you weren't passing a bootstrap value before, add bootstrap=None to restore the previous behavior. This is a one-line fix per call site, but it will cause an immediate TypeError if missed.

  • enhancementWatch for securesystemslib.hash removal in upcoming releases

    This release starts phasing out the securesystemslib.hash dependency. If your codebase or any custom TUF extensions directly import or rely on securesystemslib.hash, start planning a migration now rather than scrambling when a future release drops it entirely.

Key changes (5)
  • Security fix for GHSA-qp9x-wp8f-qgjj: incorrect delegation path matching on Windows could allow unauthorized targets to be trusted
  • Updater() constructor now requires 'bootstrap' as a named argument — previously it had a default, now you must be explicit
  • To preserve old behavior with no bootstrap, pass bootstrap=None explicitly
  • Preparatory work to drop securesystemslib.hash dependency in a future release
  • Several documentation corrections
Source

Kubescape

SecurityMay 8, 2026

Kubescape v4.0.8 is a focused patch release that fixes several VAP (Validating Admission Policy) bugs and adds a --timeout flag to the deploy-library command.

  • breakingVAP label selector parsing was silently wrong — verify your policies

    The old code split label selectors on '=' directly instead of using Kubernetes' label parser. DoubleEquals (==) selectors were also incorrectly accepted. If you've generated VAP policies with Kubescape and used complex label selectors, re-generate and re-validate those policies with v4.0.8. Don't assume previously generated output was correct.

  • enhancementUse --timeout with VAP deploy-library in slow clusters

    The new --timeout flag on the deploy-library command lets you tune how long Kubescape waits during VAP library deployment. If your cluster has slow API server response times or you're running in CI with strict time limits, set this explicitly rather than relying on the default. Test in staging first to find a safe value before enforcing it in pipelines.

  • enhancementConnector URL back-propagation fix matters for cloud API setups

    A bug where connector URLs weren't back-propagated to the config object during cloud API initialization is now fixed. If you use Kubescape's cloud integration and noticed inconsistent scan result submissions, this patch addresses the root cause. Upgrade and re-run a scan to confirm results are reaching your backend correctly.

Key changes (5)
  • Added --timeout flag to the VAP deploy-library command for controlling deployment timeouts
  • Fixed label selector validation to use Kubernetes upstream label parsing instead of raw string splitting — prevents silent breakage with complex selectors
  • Fixed K8s name and namespace validation to use proper DNS label validation helpers
  • Fixed writeOutput to auto-create parent directories, preventing file write failures
  • Suppressed spurious interrupt signal log messages on graceful exit — cleaner operator experience
Source

Kubescape

SecurityMay 8, 2026

Kubescape v4.0.7 is a broad bug-fix and usability release: better input validation, safer concurrency in the HTTP handler, a new ControlInput CRD, and service discovery without a sidecar.

  • breakingThreshold flags now fail fast — check your CI pipelines

    Severity-threshold, compliance-threshold, and fail-threshold flags are now validated before the scan starts. Scripts or CI jobs that pass invalid threshold values will now exit immediately with an error rather than completing the scan and ignoring the flag. Review your scan invocations to confirm all threshold flags are valid before upgrading.

  • enhancementDrop the sidecar for service discovery

    Service discovery now queries the Kubernetes API directly. If you've been running a sidecar specifically to support Kubescape's service discovery, you can remove it. Audit your deployments before upgrading to avoid unexpected behavior from redundant sidecars.

  • enhancementDeploy the ControlInput CRD for in-cluster tuning

    The new ControlInput CRD lets you configure control inputs directly in the cluster rather than through external files. This only activates during live cluster scans, so file-scan workflows are unaffected. Apply the CRD after upgrading if you want to centralize scan policy configuration in-cluster.

Key changes (5)
  • New ControlInput CRD enables in-cluster control configuration — gated to live cluster scans only, not file-based scans
  • Service discovery now pulls services directly from the API, dropping the sidecar requirement entirely
  • TLS key configuration for the HTTP handler can now be set via environment variables, with a hard error on partial TLS config
  • Severity, compliance, and fail threshold flags are now validated early — before the scan runs — across all relevant subcommands
  • YAML parsing switched from byte-split to a line scanner with raised buffer limits; parse errors now surface instead of silently dropping documents
Source

OpenFGA

SecurityMay 6, 2026

v1.15.1 is a stability patch fixing two serious runtime bugs — a potential deadlock in Check and a semaphore leak under context cancellation — plus a cache collision in the experimental weighted graph check.

  • securityCache key collision in `weighted_graph_check` could return incorrect authorization results

    If you're running the experimental `weighted_graph_check` feature, the cache collision bug means Check could return stale or wrong results for relationships in unions with direct types, wildcards, TTU paths, or intersections. This is an authorization correctness issue — wrong answers on permission checks. Upgrade before relying on this feature in any environment where correctness matters. If you can't upgrade immediately, disable the experimental feature flag.

  • breakingUpgrade immediately — deadlock and semaphore leak bugs affect production stability

    Two bugs here can quietly degrade running services. The deadlock in Check (message streams held open on error) can starve request processing over time. The semaphore leak in the bounded tuple reader under context cancellation means goroutine/resource exhaustion under load or timeout-heavy workloads. Neither requires config changes — just upgrade. If you've seen unexplained Check hangs or increasing resource pressure after cancellations, these are the culprits.

  • enhancementListObjects now handles short-circuit errors correctly

    A subtle bug was causing expected errors (non-fatal path short-circuits) to bubble up incorrectly in ListObjects responses. If you've seen unexpected errors returned from ListObjects queries that should have silently short-circuited, this fix resolves that. No action needed beyond upgrading — but worth re-validating ListObjects behavior in your test suite after the upgrade.

Key changes (5)
  • Fixed potential panic in command error handling
  • Fixed deadlock risk in Check by ensuring message streams close on error instead of hanging indefinitely
  • Fixed semaphore token leaks in the bounded tuple reader during context cancellation
  • Fixed cache key collisions in experimental `weighted_graph_check` affecting unions with multiple branches
  • Fixed incorrect error propagation in ListObjects when a path short-circuits
Source

in-toto

SecurityMay 4, 2026

in-toto v3.1.0 migrates away from sslib's hash functions, switches to ruff for code style, and refreshes Debian packaging — mostly maintenance, but the sslib change has dependency implications.

  • breakingAudit your sslib dependency if you use it alongside in-toto

    in-toto has internalized sslib's hash functions because sslib is being deprecated. If your project independently depends on sslib for other functionality, start planning a migration now — don't assume sslib will remain maintained. Check your dependency tree for anything that transitively pulls in sslib and evaluate whether those paths need updating.

  • enhancementUse the new `in-toto-run` return code passthrough in CI pipelines

    Previously, `in-toto-run` would swallow the wrapped command's exit code, which could mask failures in CI. With passthrough now enabled, the return code of the wrapped command propagates correctly. If you have shell scripts or CI steps that check exit codes after `in-toto-run`, verify your error handling still works as intended — behavior has changed and some pipelines may now surface previously hidden failures.

  • enhancementIf you contribute to or package in-toto, update your dev tooling to ruff

    The codebase now enforces ruff-based style rules. If you maintain a fork, downstream package, or contribute PRs, your existing flake8/pylint setup will likely flag false conflicts. Align your local dev environment with ruff before opening PRs against this version or later.

Key changes (5)
  • sslib hash functions ported directly into in-toto due to sslib deprecation — reduces external dependency
  • Code style tooling switched from existing linter to ruff (PEP 8 enforcement updated across codebase)
  • Debian dependencies and build rules refreshed for current packaging compatibility
  • CLI: `in-toto-run` now passes through the wrapped command's return code
  • Documentation updates covering pipeline configuration and general content improvements
Source

Kubescape

SecurityMay 4, 2026

v4.0.6 tackles a wave of false negatives, silent errors, and correctness bugs in scanning — namespace filters, exception matching, and OPA eval failures all get fixes that change scan results.

  • securityAudit vulnerability exception lists for case inconsistencies

    Exception matching for image scan CVE IDs was case-sensitive before this fix, meaning 'ghsa-xxxx' and 'GHSA-xxxx' were treated as different identifiers. Any exceptions defined with lowercase CVE/GHSA IDs were silently not applied. After upgrading, check that your exception lists use consistent casing and re-verify which vulnerabilities are actually being excepted.

  • securityRaw request bodies are no longer logged — review your log retention

    Kubescape's HTTP handler was logging full scan request bodies, which could include sensitive resource manifests or configuration data. That logging is now removed. If you've been collecting these logs, review and rotate any stored log data that may contain manifest content.

  • breakingExpect scan result changes after upgrading — false negatives are now real failures

    Two distinct bugs caused resources to silently disappear from scan results: OPA eval errors were swallowed, and partial GVR collection failures were suppressed. Both are fixed. If your baseline compliance scores looked suspiciously clean, re-run scans after upgrading and treat new failures as real findings that were always there, not regressions introduced by the upgrade.

Key changes (5)
  • OPA eval errors no longer silently drop resources — failures now surface instead of producing false negatives
  • Namespace filter now correctly preserves cluster-scoped resource results when --include-namespaces is set
  • CVE exception matching is now case-insensitive, fixing missed exceptions on lowercase CVE IDs
  • Helm value overrides can now be passed through kubescape scan, and Kustomize directories with Helm dependencies render correctly
  • Raw scan request bodies are no longer logged, and concurrent exception file writes get unique temp files per request
Source
Browse by month