github prowler-cloud/prowler 5.24.1
Prowler 5.24.1
on GitHub

6 hours ago

UI

🐞 Fixed

  • Findings and filter UX fixes: exclude muted findings by default in the resource detail drawer and finding group resource views, show category context label (for example Status: FAIL) on MultiSelect triggers instead of hiding the placeholder, and add a wide width option for filter dropdowns applied to the findings Scan filter to prevent label truncation (#10734)
  • Findings grouped view now handles zero-resource IaC counters, refines drawer loading states, and adds provider indicators to finding groups (#10736)
  • Other Findings for this resource: ordering by severity (#10778)
  • Other Findings for this resource: show delta indicator (#10778)
  • Compliance: requirement findings do not show muted findings (#10778)
  • Latest new findings: link to finding groups order by -severity,-last_seen_at (#10778)

🔒 Security

  • Upgrade React to 19.2.5 and Next.js to 16.2.3 to mitigate CVE-2026-23869 (React2DoS), a high-severity unauthenticated remote DoS vulnerability in the React Flight Protocol's Server Function deserialization (#10754)

API

🔄 Changed

  • Attack Paths: Restore SYNC_BATCH_SIZE and FINDINGS_BATCH_SIZE defaults to 1000, upgrade Cartography to 0.135.0, enable Celery queue priority for cleanup task, rewrite Finding insertion, remove AWS graph cleanup and add timing logs (#10729)

🐞 Fixed

  • Finding group resources endpoints now include findings without associated resources (orphaned IaC findings) as simulated resource rows, and return one row per finding when multiple findings share a resource (#10708)
  • Attack Paths: Missing tenant_id filter while getting related findings after scan completes (#10722)
  • Finding group counters pass_count, fail_count and manual_count now exclude muted findings (#10753)
  • Silent data loss in ResourceFindingMapping bulk insert that left findings orphaned when INSERT ... ON CONFLICT DO NOTHING dropped rows without raising; added explicit unique_fields (#10724)

SDK

🔄 Changed

  • msgraph-sdk from 1.23.0 to 1.55.0 and azure-mgmt-resource from 23.3.0 to 24.0.0, removing marshmallow as is a transitively dev dependency (#10733)

🐞 Fixed

  • Cloudflare account-scoped API tokens failing connection test in the App with CloudflareUserTokenRequiredError (#10723)
  • Google Workspace Calendar checks false FAIL on unconfigured settings with secure Google defaults (#10726)
  • prowler image --registry failing with ImageNoImagesProvidedError due to registry arguments not being forwarded to ImageProvider in init_global_provider (#10470)
  • Google Workspace Drive checks false FAIL on unconfigured settings with secure Google defaults (#10727)
  • Cloudflare validate_credentials can hang in an infinite pagination loop when the SDK repeats accounts, blocking connection tests (#10771)
Check out latest releases or
releases around prowler-cloud/prowler 5.24.1

Don't miss a new prowler release

NewReleases is sending notifications on new releases.

Get notifications