Manager
Removed
- Removed unused SSL/TLS transport option from cluster. (#35648)
Fixed
- Improved message decompression handling in remoted. (#35773)
- Improved agent name validation to reject names starting with dot. (#35833)
- Fixed segfault in vulnerability scanner module shutdown when disabled. (#36011)
- Fixed string buffer handling in version comparison function. (#36059)
- Improved cluster file synchronization security. (#36060)
- Improved cluster file synchronization error handling on invalid task identifiers. (#36129)
- Improved cluster merged file parameter validation to prevent directory escape. (#36204)
- Improved
tmp_filepath validation in cluster DAPI. (#36246) - Improved cluster non-merged file path validation during worker file processing. (#36296)
- Improved cluster node name format validation in the hello handler. (#36460)
- Fixed missing
agent.host.ipin inventory documents when agent IP is empty. (#35475) - Fixed stale agent
syncedstatus after hot reload on cluster worker nodes. (#6726)
Agent
Fixed
- Fixed agent registration not running on reinstall after
apt-get remove. (#35727) - Fixed MS-Graph integration handling for relationships containing
/. (#35431) - Fixed macOS syscollector to skip package receipts whose payload is no longer installed. (#35380)
- Fixed missing eBPF create, modify and delete events on Ubuntu 24/26 and improved FIM whodata healthcheck. (#35838)
- Hardened FIM database path lookups by migrating to parameterized SQL queries. (#36399)
RESTful API
Fixed
- Escaped control characters in API usernames in access logs. (#35866)
- Added input validation in cluster result handling and authentication. (#35757)
- Fixed current user resolution in the
update-userendpoint to enforce admin protection. (#35442)
Ruleset
Fixed
- Updated rootcheck trojan signatures to avoid false positives on modern distributions (Debian 13, Ubuntu 26, Arch Linux). (#35927)