June 2025 Release Notes

This article was last updated on June 16, 2025.

What's New

Learn about new features across the Command Platform. These features were released over the past month and are available now:

Attack surface

Your attack surface is comprised of all of the potential entry points that attackers could exploit across your systems, applications, and networks. Developing knowledge of your attack surface is a key goal in improving your company's security posture.

Protect your attack surface with Surface Command integrations

Surface Command now integrates with additional third-party tools to further enhance your visibility across the attack surface. The newest connectors—Baramundi, Cybereason, Dragos, Markmonitor, Microsoft Defender for IoT, and Zabbix Cloud—enable streamlined insights, automation, and contextual analysis across diverse asset types.

With this capability in Surface Command > Connectors, you can:

  • Achieve full-spectrum visibility–understand your entire attack surface, including assets, networks, business applications, data storage, and user identities.
  • Gain multi-source context–correlate vulnerabilities and exposures from different security tools for deeper insights into risks and threats.
  • Automate security workflows–leverage integrated, action-oriented APIs to trigger remediation processes and streamline security operations.

Explore and analyze your external and internal assets with a unified interface

Surface Command now offers complete visibility and control over your internal and external attack surfaces in a single, unified interface—eliminating context switching and streamlining attack surface management.

With this capability in Surface Command > External Attack Surface, you can:

  • Experience a consistent and unified interface for both internal and external attack surface discovery.
  • Access external attack surface seed management, exploration, and insight dashboards directly within Surface Command.
  • Eliminate UI context switching when managing external discovery seeds.

Manage Vector Command testing status in Surface Command

Vector Command testing status is now fully integrated into Surface Command, so you can further streamline external attack surface management.

With this capability in Surface Command > External Attack Surface, you can:

  • Mark specific subdomains, IP addresses, and network services as out-of-scope for Vector Command penetration testing.
  • Establish Vector Command testing for dedicated QA and test systems instead of production systems.

Improve your focus in Surface Command with dark mode

Personalize your workspace with light or dark mode in Surface Command—ensuring visual comfort and a consistent experience across the Command Platform.

With this capability, you can:

  • Toggle between light and dark mode to match your personal visual preference.
  • Maintain a consistent visual experience as you transition to other Command Platform experiences.
  • Improve readability in low-light environments by switching to dark mode.

Top of page

Risk

Risk is the potential for loss or damage to your assets, operations, or reputation, due to vulnerabilities being exploited by a bad actor. Security teams must assess the risk level by evaluating the likelihood of a threat occurring and the impact that it would have if realized.

Prioritize what matters with mitigating controls in Remediation Hub

In Surface Command, Exposure Command, InsightCloudSec, InsightVM, and InsightConnect, prioritize what truly matters by highlighting assets that have mitigating controls—not just vulnerabilities. With full context on asset exposure and existing controls, Remediation Hub helps your teams cut through the noise, reduce backlog and friction with IT, and accelerate remediation where it counts most.

With this capability in Command Platform > Risk > Remediation Hub, you can:

  • Shift focus from what's merely vulnerable to what's truly at risk.
  • Accelerate workflows with all relevant data available in a single, streamlined view.
  • Cut through the noise with real asset context to save time and ensure remediation teams focus on what matters most.

Ingest cloud log data faster with expanded event sources

Cloud event data can now be ingested directly into Rapid7’s detection products without additional software.

With this capability, you can ingest data from the following event sources:

  • Claroty xDome
  • Imperva WAF

Accelerate cloud response with remediation recommendations for AWS and Azure

For InsightCloudSec, InsightIDR, Managed Threat Complete, and MDR, InsightIDR now provides expert-driven remediation guidance for AWS GuardDuty and Azure Defender for Cloud alerts, delivering faster, more consistent response through enriched cloud context.

With this capability in Alerts > Alert Details, you can:

  • Respond faster–get clear, structured remediation steps per alert group.
  • Improve consistency–leverage expert insights and automation scripts.
  • Reduce time to containment–take immediate, informed action on cloud threats.

Top of page

Threat

A threat is any potential event or action that could exploit vulnerabilities in a system, causing harm to assets, data, or operations. Threats can originate from various sources, including malicious actors, natural disasters, or unintentional human errors.

Expanded Emerging Threats (ET) Detection Coverage Now Live in Network Sensor

In InsightIDR, the Network Sensor now includes enhanced ET rulesets to detect exploit attempts, scanning behavior, and post-compromise activity. With coverage for high-profile vulnerabilities like JetBrains, Citrix, and Cisco, it identifies threats early across all network traffic and supports faster SOC response with MITRE-mapped alerts.

With this capability in Detection Rules, you can:

  • Detect emerging threats earlier–leverage dozens of new Suricata rules across ET EXPLOIT, ET EXPLOIT_KIT, and ET SCAN to surface exploit attempts and attacker behaviors in real time.
  • Uncover attacker intent–gain context-rich insights into reconnaissance activity and malware staging to better understand pre-attack patterns.
  • Accelerate incident response–enable faster triage and validation of high-severity alerts with precise, actionable detection logic.

Enhance threat coverage with new and migrated detection rules

The InsightIDR Detection Library continues to evolve, delivering faster, broader threat detection. This month, two new rules have been added, and six legacy rules have been migrated—part of our ongoing effort to unify and strengthen your detection experience.

With these updates in Detection Rules > Detection Rule Library, you can:

  • Stay ahead of emerging threats – leverage newly released rules to detect high-risk activity like watched or admin-led password resets.
  • Streamline rule management – benefit from the migration of legacy User Behavior Analytics (UBA) rules into the Detection Library, offering a single, comprehensive view of your detection landscape.
  • Improve response efficiency – with consistent rule access and faster insight into potential threats.

New Detection Rules:

  • Account Password Reset – Is Watched
  • Account Password Reset – Is Admin

Migrated Legacy Rules:

  • Third Party Alert – Cyberark Vault
  • Third Party Alert – Cybereason
  • Third Party Alert – Netskope
  • Zone Policy Violation
  • Flagged Hash On Asset
  • Flagged Process On Asset

Accelerate investigations with Principal API Activity Timeline (Azure)

InsightIDR now features a graph-based timeline for Azure Principal API activity, giving SOC analysts a unified view of user, role, and resource actions across multiple audit log sources.

With this capability in Alerts > Alert Details, you can:

  • Speed up investigations–quickly correlate API actions across time.
  • Improve incident response–faster threat identification and resolution.
  • Strengthen security posture–enhanced visibility supports proactive defense.

Top of page

Administration

Administration focuses on refining platform controls, improving navigation, and enhancing user management. Updates streamline permissions, configurations, and logging, creating a more intuitive and efficient experience for administrators.

Enable programmatic access and improved automation capabilities with InsightCloudSec API Documentation

In InsightCloudSec, empower your teams to automate with confidence using readily accessible InsightCloudSec API documentation—enabling faster integrations, streamlined workflows, and more scalable cloud security operations.

With this capability in InsightCloudSec > Profile, InsightCloudSec > Help menu, you can:

  • Accelerate automation of common security and compliance tasks by using documented API endpoints.
  • Reduce manual effort by programmatically managing cloud resources and remediation actions.
  • Empower developers and engineers with self-service access to reliable, up-to-date API documentation.

Accelerated Triage with AI Dispositioning

InsightIDR now extends the power of Rapid7’s SOC-grade machine learning to customers by automatically classifying alerts as likely benign or malicious in real time. A redesigned alert details interface provides visibility into the AI Engine’s decision-making process, offering greater transparency and control.

With this capability in Alerts > Alert Details, you can:

  • Accelerate alert triage – Leverage AI-generated dispositions to quickly identify which alerts require action.
  • Understand AI decisions – View the specific data inputs used by the Rapid7 AI Engine, and get detailed explanations of its logic.
  • Filter and audit with ease – Use the new “AI Suggested Disposition” field to sort and review AI-triaged alerts directly from the Alert Triage table.

Reduce data overages with InsightIDR fair use adjustment

Rapid7 understands how critical it is for you to capture endpoint data since the vast majority of attacks originate from these assets. InsightIDR allows you to capture Enhanced Endpoint Telemetry (EET) data, which, while critical to your SOC’s effectiveness, can be a large enough volume to jeopardize your monthly Fair Use data allowance.

To eliminate this possibility, Rapid7 has changed how your monthly Fair Use data allowance is calculated. Effective May 1, 2025, EET data is no longer included in your Fair Use monthly data allowance. You will still be able to ingest EET data; you will no longer be charged for it.

With this adjustment, you can:

  • Maintain complete coverage–preserve visibility across 100% of the endpoint attack surface.
  • Prioritize what matters–focus overage discussions on less critical data sources.

To access this, search the endpoint activity log set, including Process Start Events, Local Service Creation, and the Sysmon log source.

Enhance detection workflows with new disposition options

InsightIDR, Managed Threat Complete, and MDR now includes False Positive and Security Test as selectable dispositions for alerts and investigations. These options help teams more accurately categorize outcomes and improve visibility into detection and response efforts.

With this enhancement in Alerts and Investigations, you can:

  • Close process gaps–capture more precise outcomes from triage and investigation.
  • Strengthen detection workflows–gain clearer insight into alert and investigation resolution.

Fast, Flexible Bulk Exclusion for Endpoint Capabilities

In Managed Threat Complete and MDR, manage exclusions across your Endpoint capabilities in one unified area, with improved efficiency for fine-tuning benign alerts and better visibility and control at both the group the organization level.

With this enhancement in Command Platform > Administration > Data Collection > Agents > Endpoint Prevention > Exclusions, you can:

  • Create, edit and oversee all Endpoint exclusions from a centralized page.
  • Apply and edit exclusions for multiple groups.
  • Navigate a streamlined user experience to control exclusions from one place.

Top of page

Improvements and Fixes

Improvements and fixes are posted each Monday, and include a roundup of infrastructure improvements and fixes across the Rapid7 products and offerings:

InsightAppSec and AppSpider

No updates released at this time.

InsightCloudSec

Version 25.6.17

Software release date: June 17, 2025 | Release notes published: June 16, 2025

Details for self-hosted customers
Kubernetes Scanner Release details (version 4.1.5)
  • The Guardrails inventory scanner now falls back to scanning by namespace if it fails a cluster-wide permissions check.
  • Resolved an issue where previously scanned Kubernetes resources were not cleared from the database, leading to inaccurate Insight flags.
  • Fixed a false positive related to the Minimize access to create persistent volumes on roles Insight.
  • Added a new Insight Secrets stored in ConfigMaps, which scans for exposed secrets and confidential data stored in ConfigMaps.
  • Improved handling of hostPort mappings in ICS. The check now properly ignores a value of 0 and accounts for ephemeralContainers and initContainers, preventing incorrect alerts on resources without explicit hostPort assignments.

Helm chart details

This version can be managed using the updated Helm chart (version 4.1.5). Internal components versions are listed in the chart values file. To review component details, run:

shell
1
helm show values <chart name> | grep -E 'Name:|Version:'

Improved

  • Updated the copy that displays in the Resources Inventory when you don't have a type of resource for improved clarity.
  • Added an Add Organization button to the Cloud Accounts > Organizations page (Modern UI only).
  • Added support for optional custom tags in the Automatic LPA Deployment modal to prevent policy conflicts during Azure resource deployment.
  • Turned on the new interface for the System Admin pages by default. You can still access the old interface by using the Switch to Legacy UI button.
  • Added support for assessing vulnerabilities on AWS auto scaling groups.
  • Added support for local assessments of private Open Container Initiative (OCI) registries.
  • The Web App with Remote Debugging Turned On Insight has been deprecated. Use the updated Insight, Web App with Remote Debugging Enabled, for continued coverage.

Fixed

  • AzureArmIdentityDetailHarvester no longer fails when a subscription does not support classic administrators.
  • GCP IdentityProviderHarvester now functions on cloud accounts missing Identity provider configurations.
  • Azure database instance harvesting no longer fails when an instance is transitioning to a stopped state during discovery.
  • Harvesting Azure Flexible PostgreSQL servers no longer fails when no additional information is available from Azure Resource Graph.
  • Harvesting no longer fails on certain Azure SQL database servers when the harvester cannot determine the server’s public network access configuration.

Version 25.6.10

Software release date: June 10, 2025 | Release notes published: June 10, 2025

Details for self-hosted customers

Improved

  • Improved logging granularity for Azure Storage Accounts by capturing new diagnostic category groups (audit, allLogs). Updates improve accuracy for the following Insights:

    • Storage Account Blob Service Logging Disabled
    • Storage Account Queue Service Logging Disabled
    • Storage Account Table Service Logging Disabled

  • Added a harvester for Azure Storage Account lifecycle policies and rules. Also added new Query Filters:

    • Storage Account Without Lifecycle Policy
    • Storage Account With Disabled Lifecycle Policy Rules
    • Storage Account Without Lifecycle Policy Sub-Type
    • Storage Account Without Specified Rule For Policy Sub-Type This change requires a new permission: Microsoft.Storage/storageAccounts/managementPolicies/read

  • Azure LPA and EDH auto-deployment and subscribe endpoints now support tagging deployed resources.

  • We made several improvements to our user interface to ensure a cleaner and more consistent experience for the following pages:

    • User Management > Users
    • Cloud Accounts > Summary
    • User Management > User Roles
    • User Management > API Keys

    Additionally, the option to Switch to Legacy UI has been removed

Fixed

  • Removed EmailServiceRuleHarvester and GlobalLoadBalancerHarvester from AWS GovCloud due to incompatibility with GovCloud environments. Updated ServiceCheckHarvest and ServiceLimitHarvest to restrict operations to the us-gov-east-1 region for proper functionality. Note the ServiceLimitHarvest may require the support:RefreshTrustedAdvisorCheck permission.
  • guardrails inventory-scanner now falls back to namespace-level checks when cluster-wide permissions are unavailable.
  • Fixed a conversion bug in the AWS storage container converter for Terraform.
  • Fixed Entra ID authentication detection for PostgreSQL and MySQL instances.
  • Corrected zone redundancy and multi-AZ reporting for Azure instances.
  • Standardized Azure storage size units to GB.
  • Fixed inaccurate encryption detection for data at rest and in transit.
  • Corrected public network accessibility reporting for managed instances.
  • Improved overall stability of the DatabaseInstanceHarvester.

Version 25.6.3

Software release date: June 3, 2025 | Release notes published: June 3, 2025

Improved

  • Enhanced how InsightCloudSec identifies and evaluates public accessibility for AWS Instance resources. This update refines the detection logic for public access scenarios.
  • Expanded Attack Paths support for AWS Instance resources to include Network Firewall, Network Endpoint, and Web Application Firewall nodes. This results in changes to Attack Path IDs. To see how old IDs map to new ones, you can use the /v2/prototype/apa/path-mapping endpoint. See Using the InsightCloudSec API for details on getting started with the API.
  • Updated release notes URL.
  • Added tooling to monitor peak memory usage per job run.
  • Updated the required permissions list for Oracle users:
    • Allow group InsightCloudSec to read domain in tenancy
    • Allow group InsightCloudSec to read integration-instances in tenancy
    • Allow group InsightCloudSec to read logging-family in tenancy
  • Added support to harvest BigQuery Dataset Tables.
  • Removed query filter: Dataset Tables Not Leveraging Customer-Managed Encryption Key (CMEK).
  • Deregistered the GCP ContainerRegistryHarvester as the service was discontinued. This harvester is replaced by ArtifactRegistryHarvester.
    • Docker image artifacts are now treated as a child resource and can only be seen on the Related Resources tab for the parent resource or programmatically using the related resource API endpoint.
  • Added support for EDH actions TagResource and UntagResource for EFS.
  • Introduced support for Azure App Service Environments including a new harvester, resource, and query filter.
  • Added the CIS GCP 3.0 Compliance Pack.
  • Introduced in-transit encryption support for auto-provisioned EDH queues.
  • Implemented Databricks Workspace resource expansion with configuration fields and Private Network linkage. Also added Query Filters related to the new configuration fields.
  • Updated and renamed Insights for CIS GCP 3.0 Recommendations 2.4–2.11.
  • Added new Insight: Serverless Function With Enabled Cloud Secret Manager API.
  • Added new Insight: Subnet Without VPC Flow Logs Enabled.
  • Added new Insight: Cloud Accounts Without Sinks Configured for All Log Entries.
  • Added new Insight: Cloud Account Linked to Cloud Credential Without App Restrictions.
  • Added new Query Filter: Resource Encrypted With Cloud Managed Key.
  • Added new Query Filter: Database Migration Endpoint Is/Is Not Encrypted.
  • Added new Query Filter: Cloud Accounts Without Sinks Configured For All Log Entries.
  • Added new Query Filter: Cloud Credential Without App Restrictions.
  • Introduced new query filters for Subnet log config including metadata and sampling controls.
  • Added query filters for GCP Organization Service API and Serverless Functions with Secret Manager API.
  • Added tagging support for Azure Container Registry.
  • Added source document support for AWS instance resource agents.
  • Added new error messages for the Infrastructure as Code (IaC) scanner.

Fixed

  • Resolved an issue with instance count values in Network resource that caused false positives in Azure for the Network With No Instances Insight.
  • Fixed incorrect results in the Layered Context Vuln Resources containing CVE IDs.
  • Fixed issue with Azure Private Endpoints causing NetworkEndpointHarvester to fail.
  • Resolved "Out of sort memory" issue in ResourceGroupInsightFindings job.
  • Fixed issue with missing keys during compact Redis cache writing for insights.
  • Addressed problem with Kubernetes Insights showing outdated scan data.
  • Resolved issue with vulnerabilities not returned when using Jinja templates in Bot Actions.
  • Resolved issue with the Compliance Report PDF download failing to render all content.
  • Fixed issue with ServiceCertificateAuthorityHarvester.
  • Fixed error in Vulnerabilities->Resources advanced filter for multiple CVE detection.
  • Corrected issue where IaC Scan Completion Notifications linked to invalid URLs.
  • Resolved bug where Kubernetes Compliance Scorecard results incorrectly showed "No results" page.
  • Corrected a bug where tags for Azure Container Registry were not supported.

Top of page

InsightIDR

June 9, 2025

Release notes published: June 9, 2025

Improved

  • Updated the default date range of the Investigation Details > Inspect Actor Activity feature from 30 days to the last 24 hours, providing faster and more relevant insights.
  • Enhanced the Add Event Source form to include updated help content and clearer collection method descriptions, featuring a cleaner design and more descriptive language for improved usability.

June 2, 2025

Release notes published: June 2, 2025

Improved

  • Added new investigation disposition options: “False Positive” and “Security Test.”
  • Added a new “Command Platform Features” tab in Settings, consolidating InsightVM and Agent settings into a single page.
  • Grouped related fields in the event source creation form to improve readability and allow collapsible sections.
  • The product select page to add new event sources now clearly indicate which event sources don’t require collectors and provides simpler access to configure collectors.

Fixed

  • Removed attribution preference settings for Imperva event sources, since Imperva does not produce attributable documents.
  • All Login URLs from the Code42 API documentation are now available when configuring a new Code42 event source.
  • Credentials can be configured for new directory watcher or file tailing event sources.

Top of page

InsightVM

Versions are usually released to a cohort of customers on Mondays and all customers on Wednesdays.

Version 8.11.0

Software release date: June 16, 2025 | Release notes published: June 16, 2025

Legacy risk strategies deprecation

Legacy risk strategies—Temporal, TemporalPlus, Weighted, and PCI ASV 2.0—will be deprecated on January 21, 2026. To ensure continued support and access to the most effective risk prioritization, switch to the Active Risk strategy. Active Risk uses continuously updated CVSS data, threat intelligence, and proprietary Rapid7 research to provide the most accurate risk assessment for your assets.

To learn more, see the Active Risk adoption guide or the risk score comparison guide.

Improved

  • These changes improve the accuracy and flexibility of Junos OS version handling and ensure more reliable test coverage.
    • Enhanced JunosOSVersionComparator logic to better handle special patches in version range checks.
    • Updated canCompare method to allow comparison of versions with matching release and revision, even if special patches differ.
    • Improved parsing and comparison logic in JunosVersion for more robust handling of contemporary and legacy version formats.
    • Updated unit tests in JunosOSVersionComparatorTest and JunosVersionTest to cover new comparison scenarios and parsing edge cases.
  • Added a confirmation step requiring users to type "CONFIRM" before deactivating their console.
  • Updated our built-in content to support CIS Google Chrome Benchmark version 3.0.0.
  • Updated our built-in content to support CIS Microsoft Windows 11 Enterprise Benchmark version 4.0.0.

Fixed

  • We fixed a bug that could lead to an infinite loop on the Windows Bluekeep check.
  • We fixed an issue where the SQL Query Export report was experiencing degraded performance.
  • The Risk and Asset Over Time graph will not be impacted after the execution of the purge orphan assets Database Maintenance task.
  • Fixed an issue with the API endpoint /api/3/solutions producing a 500 error for certain solutions.
  • Improved asset deletion performance.

Version 8.10.0

Software release date: June 11, 2025 | Release notes published: June 12, 2025

This release does not contain any product changes or fixes. This release is only meant to ensure that offline deployments of InsightVM, such as those running in air-gapped networks, are provided with the latest installers containing up-to-date security content (up to and including June 10, 2025).

Version 8.9.1

Software release date: June 10, 2025 | Release notes published: June 12, 2025

Improved

  • Updated Scan Assistant to improve reliability, including default recovery settings on Windows and resolving incorrect “obsolete” status in certain package managers.
  • Upgraded the Java Runtime to version 17.0.15 to include the latest security and stability improvements.
  • Added support for the CIS Ubuntu 24.04 Benchmark v1.0.0 in our policy content to ensure continued compliance with the latest Ubuntu release.

A bug was introduced in version 8.9.0 to a small cohort of customers on June 4, 2025. The code was reverted and version 8.9.1 was released to that cohort on June 9, 2025.

Fixed

  • Fixed an issue that prevented passwordless restores from working correctly.
  • Improved messaging in the “Vulnerability Exceptions Review” and “Delete” dialogs for better clarity.
  • Resolved a sorting issue in the Risk Score Table on the Asset Detail Page that affected some users.
  • Corrected date display issues for vulnerabilities caused by time zone differences.
  • Fixed a problem where UI error pages were not displaying properly.

Top of page

Intelligence Hub

June 16, 2025

Release notes published: June 16, 2025

Improved

  • Enhanced Threat Actor Activity Tracking: Threat actors are now prioritized based on their most recent activity, including updates across all associated campaigns. This ensures you always see the most relevant and up-to-date threat intelligence first.
  • Streamlined Table Search: Easily find campaigns and actor profiles with new search functionality that allows filtering by name and description.

Fixed

  • Improved sorting for threat actor campaigns and related artifacts on profile pages, ensuring the most recent information is always at the top.
  • Corrected country name displays to show full names for better clarity.

Top of page

Nexpose

Versions are usually released to a cohort of customers on Mondays and all customers on Wednesdays.

Nexpose version 8.11.0

Software release date: June 16, 2025 | Release notes published: June 16, 2025

Legacy risk strategies deprecation

Legacy risk strategies—Temporal, TemporalPlus, Weighted, and PCI ASV 2.0—will be deprecated on January 21, 2026. To ensure continued support and access to the most effective risk prioritization, switch to the Active Risk strategy. Active Risk uses continuously updated CVSS data, threat intelligence, and proprietary Rapid7 research to provide the most accurate risk assessment for your assets.

To learn more, see the Active Risk adoption guide or the risk score comparison guide.

Improved

  • These changes improve the accuracy and flexibility of Junos OS version handling and ensure more reliable test coverage.
    • Enhanced JunosOSVersionComparator logic to better handle special patches in version range checks.
    • Updated canCompare method to allow comparison of versions with matching release and revision, even if special patches differ.
    • Improved parsing and comparison logic in JunosVersion for more robust handling of contemporary and legacy version formats.
    • Updated unit tests in JunosOSVersionComparatorTest and JunosVersionTest to cover new comparison scenarios and parsing edge cases.
  • Added a confirmation step requiring users to type "CONFIRM" before deactivating their console.
  • Updated our built-in content to support CIS Google Chrome Benchmark version 3.0.0.
  • Updated our built-in content to support CIS Microsoft Windows 11 Enterprise Benchmark version 4.0.0.

Fixed

  • We fixed a bug that could lead to an infinite loop on the Windows Bluekeep check.
  • We fixed an issue where the SQL Query Export report was experiencing degraded performance.
  • The Risk and Asset Over Time graph will not be impacted after the execution of the purge orphan assets Database Maintenance task.
  • Fixed an issue with the API endpoint /api/3/solutions producing a 500 error for certain solutions.
  • Improved asset deletion performance.

Nexpose version 8.10.0

Software release date: June 11, 2025 | Release notes published: June 12, 2025

This release does not contain any product changes or fixes. This release is only meant to ensure that offline deployments of InsightVM, such as those running in air-gapped networks, are provided with the latest installers containing up-to-date security content (up to and including June 10, 2025).

Nexpose version 8.9.1

Software release date: June 10, 2025 | Release notes published: June 12, 2025

Improved

  • Updated Scan Assistant to improve reliability, including default recovery settings on Windows and resolving incorrect “obsolete” status in certain package managers.
  • Upgraded the Java Runtime to version 17.0.15 to include the latest security and stability improvements.
  • Added support for the CIS Ubuntu 24.04 Benchmark v1.0.0 in our policy content to ensure continued compliance with the latest Ubuntu release.

A bug was introduced in version 8.9.0 to a small cohort of customers on June 4, 2025. The code was reverted and version 8.9.1 was released to that cohort on June 9, 2025.

Fixed

  • Fixed an issue that prevented passwordless restores from working correctly.
  • Improved messaging in the “Vulnerability Exceptions Review” and “Delete” dialogs for better clarity.
  • Resolved a sorting issue in the Risk Score Table on the Asset Detail Page that affected some users.
  • Corrected date display issues for vulnerabilities caused by time zone differences.
  • Fixed a problem where UI error pages were not displaying properly.

Top of page

Surface Command

No updates released at this time.

Top of page

Threat Command

No updates released at this time.

Top of page