General Availability Releases

If you are using a client (RDM, PowerShell, etc.), version 2026.1 is required for this DVLS version IMPROVEMENTS Core - Added an option to hide the domain login method when domain SSO is enabled Core - Dynamic IP Lists are now generated by the server so they work correctly in the web interface and all clients Core - Expired entry lists and scheduled reports now display the full folder path for better context Core - Fixed path filtering behavior in the Public API, including support for empty paths returning root entries Gateway - Gateway-managed sessions from user vaults now correctly display the user's identity Gateway - In RDM, the Gateway section is only available for vaults with Gateway access FIXES Core - Fixed a crash when editing unsupported entry types Core - Fixed a failure when moving entries between vaults with folders sharing the same name in RDM Core - Fixed activity logs showing identical active time and duration values when switching tabs Core - Fixed an incorrect message indicating DVLS would revert to the free version after deleting a license Core - Fixed errors triggered by the "Buy now" button in the licenses section Core - Fixed missing activity log events when deleting or restoring user groups PAM - Fixed an empty approver list in the checkout approval dialog for certain SSH account configurations PAM - Fixed an issue where the default Gateway was not saved when enabling Gateway usage on a PAM provider PAM - Fixed domain PAM provider connection tests incorrectly falling back to the parent domain PAM - Fixed missing password reset after failed JIT elevation for non-provisioning accounts PAM - Fixed OTP prompt appearing for brokering-only PAM accounts PAM - Fixed vault owners missing from checkout request approver lists PAM - Fixed visual issues in the propagation template interface Web - Fixed a blank tree view that appeared when editing entries near the bottom of the scroll position Web - Fixed a Content Security Policy issue preventing RDP connections in the web client Web - Fixed an error when saving user vault entries for accounts without a user vault Web - Fixed live session recordings showing an empty dialog in the web client Web - Fixed SSH session recordings not opening in the web interface Web - Fixed the "Reveal password" button failing when creating a Password List entry ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Added SQL database compatibility level verification during updates to prevent upgrade failures FIXES Fixed an installation failure during SQL Server Express setup caused by generated passwords containing single quotes

If you are using a client (RDM, PowerShell, etc.), version 2026.1 is required for this DVLS version NEW FEATURES Core - Added custom vault dashboard widgets with drag-and-drop reordering Core - Added Just-in-Time (JiT) access for SSH (sudo) sessions Core - Added new Contractors account type with expiration date support Core - Added support for SSH key certificates in the web Core - Added vault priority sorting Core - Admins can create preset dashboards for users Core - Licenses can now be purchased directly within DVLS Core - Multiple Improved and fixed with the synchronizer where they was mismatch with RDM Core - Users can now request a trial directly from the application Core - Users can now request sudo access when requesting checkout Gateway - Added RDP credential injection for more secure session launches Gateway - Added traffic event logs to privileged session monitoring PAM - Added MongoDB provider support PAM - Added PowerShell session recording PAM - Added the ability to automatically terminate active sessions when a PAM account is checked in PAM - Added UI to assign and manage risk levels for roles IMPROVEMENTS Core - Added "Prompt on connection" support for linked VPN/SSH/Gateway sessions, matching the behavior already available for linked credentials Core - Added launch links on connections for quick session sharing Core - Added missing fields in the "Advanced" tab for SFTP connections Core - Added OTP support for linked external vaults Core - Added support for editing Delinea Secret Server entries directly within DVLS Core - Admins can set the default behavior for automatically checking in PAM accounts when closing entries Core - Corrected inaccurate syslog messages that reported successful logins incorrectly Core - Entra ID now enforces secret expiration with banner and email warnings Core - Entry security settings now use inherited values by default Core - Error reports now include connection type details Core - Improve Entry Security Analyzer report to include all relevant fields, matching the information already available in RDM Core - Improved license management — disabling a user now automatically removes their assigned licenses Core - Improved performance for access requests in RDM Core - Linked vaults can now point to entries in the same folder Core - Public API now supports CRUD operations for folders and vaults Core - Renamed Log Retention Policies to Database Retention Policies and added retention options for connection history, remote sessions, and traffic events Core - Simplified license assignment in data sources Core - Synchronizers now support scheduling by hour Core - Tags can now be used with inheritance rules Core - The public API now supports full CRUD operations for vaults, allowing administrators to create, read, update, and delete vaults programmatically Core - Users can now configure multiple MFA methods at once Gateway - Renamed "Virtual Gateway" to "Gateway ruleset" Gateway - Sessions can now be recorded on a different gateway than the launch gateway Gateway - The Gateway Diagnostic window now displays whether Devolutions Agent is installed and running Gateway - The gateway list now automatically refreshes after an update request completes PAM - Added "Create folder" option when importing PAM accounts PAM - Added "Skip TLS validation" option in PowerShell provider settings PAM - Added "Workspace" as a supported application option in the PAM usage policies admin section PAM - Improved error message when no provider is specified on a PAM account PAM - Renamed "Scan" to "Account Discovery" PAM - Users without a PAM license can now perform basic PAM operations, such as checking out PAM credentials, without requiring a full PAM license Assignment Web - Added a warning in the web interface when an OTP account name contains a colon (":"), consistent with existing behavior in RDM Web - Administrators can now set permissions on entry types that are not technically supported on the web Web - Users can now customize the "Add connection" favorites section Web Client - Multiple UI improvements Web Client - Updated dark theme FIXES Core - Fixed a regression where it was no longer possible to set a user as an administrator Core - Fixed a scheduler timeout error that could cause scheduled tasks to fail intermittently Core - Fixed an error occurring when too many vaults were present Core - Fixed an error that occurred when editing account login information on a deprecated entry type Core - Fixed an issue where exported logs from the DVLS Console were being cropped and truncated Core - Fixed an issue where forbidden passwords could still be saved in a password list entry Core - Fixed an issue where new Active Directory user accounts were not appearing in DVLS, preventing the auto-create on first login feature from Working correctly Core - Fixed an issue where OAuth token rejections were incorrectly returning HTTP 200 with an empty response instead of a proper error code Core - Fixed duplicate vault cards appearing on the dashboard Core - Fixed notification emails being sent in English for users configured in French Core - Fixed repeated migration attempts after SQL migration and server restart Gateway - Fixed a issue where clicking "Close" from the session kebab menu did not always close the session on the first attempt Gateway - Fixed a missing configuration option in the Web UI for allowing additional hosts through Devolutions Gateway Gateway - Fixed an inconsistency in how Gateway tunnels were configured and displayed between RDM and the Web UI Gateway - Fixed an issue where enabling vault-level security on a gateway prevented it from being used in gateway farms and PAM providers Gateway - Fixed an issue where virtual gateways were not automatically deleted when their associated physical gateway was removed, leaving orphaned entries that no longer functioned PAM - Fixed "Nobody" account appearing when "Ignore system users" was enabled PAM - Fixed a security issue where non-administrator users could view other users' PAM actions in the Privileged Access logs PAM - Fixed account discovery failure caused by circular security group membership PAM - Fixed an error that occurred when attempting to add a folder to a newly created PAM vault during the import process PAM - Fixed an issue where Domain Quick Scan was no longer working PAM - Fixed an issue where groups located in the Builtin organizational unit were not visible when selecting groups for JIT (Just-In-Time) elevation PAM - Fixed Local Windows scan failure when credentials were linked PAM - Fixed SSH scan failure when sudo was configured with NOPASSWORD Web - Fixed inconsistent rendering of secure notes set as Markdown across different platforms Web - Fixed the Notification Subscriptions filter not working correctly Web - Multiple UI fixes ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Core - Improved performance for static resource loading by enabling HTTP/2 support when anonymous authentication is configured in IIS Core - Renamed the "Stable" release channel to "Extended maintenance" in the console to better reflect its support lifecycle Gateway - Added a new System Certificate Store configuration key for Devolutions Gateway in the console FIXES Core - Fixed basic installation failure when a generated password contained a single quote (') Gateway - Fixed an issue in the console where certificate configuration was cleared when editing a gateway, requiring users to re-enter the certificate

If you are using a client (RDM, PowerShell, etc.), version 2025.3 is required for this DVLS version IMPROVEMENTS SECURITY Core - Enhanced database security by encrypting previously cleartext personal credentials storage FIXES SECURITY Core - Fixed sensitive credential exposure through API endpoints for users with View-only permissions Core - Fixed crash in Reports > Entry Diagnostic page caused Core - Fixed credential prompt appearing unexpectedly when sessions inherit credentials from parent folders Core - Fixed issue where MFA reset option was not working properly for user accounts Core - Fixed issue where some user vault entries were permanently lost when deleting a user and transferring their vault Gateway - Fixed PAM sessions remaining open in Gateway when PAM operations fail, preventing session accumulation Linux - Fixed error when configuring Active Directory authentication on Linux servers PAM - Fixed password reset not being triggered after importing Entra ID accounts Web - Fixed character encoding issues in Active Directory Console displaying special characters incorrectly Web - Fixed infinite resize loop causing flickering or grey screen when switching from Dynamic Resizing to Actual Size mode Web - Fixed tag autocomplete not filling in the rest of the tag name when selecting from dropdown suggestions Web - Fixed tree view crash ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Minor updates

If you are using a client (RDM, PowerShell, etc.), version 2025.3 is required for this DVLS version NEW FEATURES Core - Added ability to request a trial directly from the application IMPROVEMENTS Core - Added connection type information to error reports for better troubleshooting Core - Update DUO MFA integration FIXES SECURITY Core - Fixed sensitive credentials being exposed via API endpoints for users with view-only permissions SECURITY Core - Fixed SQL injection vulnerability in remote sessions API SECURITY Gateway - Fixed virtual gateway deny IP and DNS rules being bypassed using linked host entries in user vaults Core - Fixed server crash when non-admin users manage temporary access requests through RDM secure messages Core - Fixed Syslog timestamp format being invalid in certain locales such as Finland Core - Fixed vault filter not being applied correctly in PAM recent activities scheduled reports Gateway - Fixed variables not being resolved in privileged session monitoring PAM - Fixed password being updated in database even when scheduled reset fails on the target system PAM - Fixed Windows local account scans failing on non-English operating systems Web - Fixed sessions failing to launch from web interface when user-specific settings are disabled globally ** CONSOLE RELEASE NOTES ** FIXES Minor update

If you are using a client (RDM, PowerShell, etc.), version 2025.3 is required for this DVLS version IMPROVEMENTS Core - Enabled password history for Secret entry types FIXES SECURITY Core - Fixed user and role restore API endpoints being accessible without proper UserManager or Admin permissions Core - Fixed notifications being sent for deleted entries that had expired Core - Fixed OTP code viewing being logged as "Password viewed" instead of "OTP code viewed" in the web interface PAM - Fixed builtin organizational units not appearing in PAM account discovery scans PAM - Fixed LDAPS heartbeat and password rotation failures for accounts in Active Directory Protected Users Group Web - Fixed vaults failing to load after performing a force refresh on the entry templates page Web - Fixed website becoming completely unresponsive when typing the expiration date for certificate entries ** CONSOLE RELEASE NOTES ** FIXES Core - Fixed error when generating recovery kit with Azure Key Vault

If you are using a client (RDM, PowerShell, etc.), version 2025.3 is required for this DVLS version NEW FEATURES [BC] Core - DVLS Free now limited to a single user but includes Remote Desktop Manager access IMPROVEMENTS PAM - Added create folder button when importing PAM accounts for easier organization FIXES SECURITY Core - Core - Fixed SQL injection vulnerability in the last usage logs API endpoint Privileged Sessions Monitoring PAM - Fixed password rotation not respecting configured password policies Web - Fixed browser RDP sessions disconnecting after 5-10 seconds for non-administrator users ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Minor updates

If you are using a client (RDM, PowerShell, etc.), version 2025.3 is required for this DVLS version IMPROVEMENTS Core - Added requirement for Entra ID secret expiration date during configuration to prevent unexpected login failures Core - Improved Entra ID authentication by displaying warning banners and sending email alerts to administrators when secrets approach expiration PAM - Added ability to create folders directly during PAM account import process PAM - Improved PAM administrator access to automatically grant access to all PAM vaults without manual assignment PAM - Reduced notification frequency for PAM health checks by sending alerts only once when accounts become out of sync FIXES SECURITY CVE-2025-13757 Core - Fixed SQL injection vulnerability in the last usage logs API endpoint SECURITY CVE-2025-13758 Core - Fixed security issue where sensitive credentials were exposed in API responses for certain connection types (SMB, HyperV, WebDav, and others) SECURITY CVE-2025-13765 Core - Fixed security issue where SMTP configuration with passwords could be viewed through the API without administrator permissions Core - Fixed database permission errors for scheduler service on notification group subscriber tables Core - Fixed database permission errors for scheduler service when inserting telemetry events Core - Fixed duplicate key violations that occurred during server startup when users had both administrator and vault owner roles Core - Fixed erroneous mismatch log messages during SSO authentication from RDM Core - Fixed issue where configured additional access URIs were no longer accessible Core - Fixed login failures and server crashes when new users attempted to authenticate Web - Fixed issue where PAM account approval requests in the messages UI would freeze the interface and require page refresh ** CONSOLE RELEASE NOTES ** FIXES Minor update

If you are using a client (RDM, PowerShell, etc.), version 2025.3 is required for this DVLS version FIXES Core - Fixed an issue where Windows authentication combined with 2FA would fail to work properly Core - Fixed infrastructure vault accounts not being deleted when switching console authentication to Windows authentication Core - Fixed LDAP synchronization sending unnecessary email notifications when user emails are modified during provider refresh Core - Fixed LDAPS authentication failing when using domain\username format in credentials while LDAP worked correctly Core - Fixed refresh token failures when using Entra ID proxy app authentication with RDM PAM - Fixed account names being incorrectly overwritten by usernames during domain heartbeat operations PAM - Fixed an error that occurred when accessing PAM vaults with active checkouts by other users PAM - Fixed an error when checking out credentials for SSH sessions using "My Privileged Account" with Local User (SSH) PAM accounts PAM - Fixed an error when importing SSH Key accounts that prevented successful account import PAM - Fixed PAM vaults created through scan import not being properly identified as PAM vaults PAM - Fixed password reset failures on imported local accounts when the provider domain uses a linked account PAM - Fixed SSH scan results not properly marking already imported PAM accounts as imported Web - Fixed dynamic resolution setting being ignored when opening RDP sessions in the web interface Web - Fixed RD Gateway parameters being reset to default values after saving RDP entry configurations ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Minor updates

If you are using a client (RDM, PowerShell, etc.), version 2025.3 is required for this DVLS version IMPROVEMENTS Core - Added folder column to the expired entries report for better organization and tracking Core - Improved application secret generation by excluding problematic special characters ($ ` ' ") that caused issues with PowerShell scripts FIXES Core - Fixed access denied error when creating conditional access policies for non-administrator users restricted to specific subnets Core - Fixed crash when non-admin users managed temporary access requests through secure messages in RDM Core - Fixed Jira ticketing integration by updating to API v3 to support the latest Atlassian API changes Core - Fixed LDAPS handling and port mapping for Active Directory entries to correctly use the isLDAPS property and default to port Core - Fixed notification subscription emails for backup jobs showing "user was not found" when the scheduler triggered the backup Core - Prevented adding semicolons when editing folder names to avoid duplicate shortcut issues Gateway - Fixed issue where terminated ARD sessions remained visible in the Sessions left menu as if still active PAM - Fixed missing "Elevate as" option when granting checkout for temporary JIT accounts Web - Fixed AD Sync OU container checkbox synchronization issue where checking the option in RDM didn't reflect as checked in DVLS Web ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Core - Fixed missing table permissions in scheduler service's SQL least permissions script for PassphraseDictionary and TelemetryEvents tables Core - Fixed SQL permissions issue in scheduler service least permissions script by adding INSERT permission for RemoteSession table

If you are using a client (RDM, PowerShell, etc.), version 2025.3 is required for this DVLS version IMPROVEMENTS PAM - Auto-selected PAM content type when creating a PAM vault to streamline the workflow FIXES SECURITY Core - Fixed authentication bypass vulnerability where "Configure 2FA by user later" could be exploited to access other user accounts SECURITY Core - Fixed password list custom values being visible to users with view-only permissions Core - Fixed issue where custom date/time format was not displayed in user preferences when forced by admin Core - Fixed null reference error occurring in Administration logs and Diagnostics reports PAM - Fixed AnyIdentity provider not allowing linked credentials when using custom credential type Web - Fixed SSH private keys not being fetched when using "Prompt on Connection" with linked credentials Web - Fixed TypeError preventing editing of older scheduled reports Web - UI fixes ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Minor updates

If you are using a client (RDM, PowerShell, etc.), version 2025.3 is required for this DVLS version IMPROVEMENTS BREAKING CHANGE REST API - Custom field output now returns an array with all associated data Core - Added support for linked vault credentials pointing to their own folder entry Core - Improved session recording permission label to clarify it controls viewing recordings rather than the recording feature itself Gateway - Changed gateway token generation logging from information to debug level to reduce log verbosity FIXES Core - Fixed issue preventing editing of vault settings and 'Add in root' permissions dropdown values Core - Fixed issue preventing selection of users, groups, or apps in entry permissions when they weren't allowed on the vault Core - Fixed issue preventing vault owners from restoring deleted entries Core - Fixed move to vault functionality that was no longer working PAM - Fixed heartbeat check not being performed after resetting PAM account passwords via PowerShell PAM - Fixed JIT elevation failing after switching username format PAM - Fixed pagination issue preventing navigation through SSH key scan results ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Minor updates

If you are using a client (RDM, PowerShell, etc.), version 2025.3 is required for this DVLS version NEW FEATURES Core - Added option to require a passphrase when using Devolutions Send, enhancing security for shared sensitive information IMPROVEMENTS Core - Improved OTP display by color-coding based on remaining time (blue for 20+ seconds, yellow for 11-20 seconds, red for 1-10 seconds) FIXES Core - Fixed an error that occurred when no entry types were available for creation Core - Fixed an error when browsing domain containers in domain authentication settings Core - Fixed an issue where "Add in Root" and "Vault Settings" permissions displayed as "Default (Custom)" instead of the correct resolved value Core - Fixed an issue where Pleasant Password Server entry configurations were incorrectly saved to My Account settings instead of the entry itself Core - Fixed an issue where the tilde (~) character was not recognized as a special character in password template validation Core - Fixed an issue where users appeared twice when filtering by group in the Import Users from Domain feature Core - Fixed sorting and moving conditional access policies on page 2 and beyond PAM - Fixed an issue where account names were incorrectly overwritten by usernames during domain heartbeat operations PAM - Fixed an issue where deleted PAM entries were not accessible in Remote Desktop Manager PAM - Fixed an issue where editing Infrastructure Vault accounts incorrectly prompted for a PAM license PAM - Fixed an issue where gateway settings were ignored when using local SSH providers Web - Fixed an issue where user-specific display resolution settings were not applied in the Web RDP client Web - Removed unnecessary tabs (Permissions, Temporary Access, Time Based Usage, Checkout Mode) from User Vault settings in the web interface ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Minor updates

If you are using a client (RDM, PowerShell, etc.), version 2025.3 is required for this DVLS version IMPROVEMENTS Core - Improved the clarity of virtual access denied log entries FIXES SECURITY CVE-2025-11619 Core - Fixed an issue where the Gateway domain in the TLS certificate was not validated Core - Fixed an issue preventing Add/Edit of MFA conditional policies when the result was set to MFA required or MFA skipped Core - Fixed an issue where AD users were locked out after a single failed login attempt Core - Fixed an issue where DUO automatic login actions were no longer triggered Core - Fixed an issue where recordings could no longer be viewed in the web interface Core - Fixed an issue where the syslog server status incorrectly showed as Down on the System dashboard Core - Fixed an issue where updating the DVLS server instance could duplicate certain PAM folders Core - Fixed broken clipboard integration in the SSH web client PAM - Fixed an error when applying a custom date filter in the Recent Activity report ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Minor updates

If you are using a client (RDM, PowerShell, etc.), version 2025.3 is required for this DVLS version NEW FEATURES Core - Added a "Linked (External Vault)" option for entries, allowing sessions to reference credentials stored in an external vault Core - Added an onboarding experience for new installations to simplify initial setup Core - Added an option to enable biometric lock for the Workspace app Core - Added support for a custom, editable dictionary for passphrase generation Core - Added the ability for users to create an API key for their account Core - Added webhook support for specific trigger events Core - Require re-authentication before allowing users to change MFA Core - Users can now configure their own MFA Gateway - Added a new setting to enable RDP reconnection Gateway - Added network access rules for virtual gateways, with scoping by IP address, IP range, subnet, and DNS name Gateway - Added virtual gateways, enabling different permissions on the same physical gateway PAM - Added "Account Life Policies," consolidating PAM options and enabling inheritance at all levels (entry, folder, root) PAM - Added conditional policies based on JIT elevation status Web - Added support to disconnect WBEX sessions on close and when idle IMPROVEMENTS BREAKING CHANGE Core - Changed default of password policy and password validation to be handled as "Inherited" - Make sure your inheritance structure is appropriate Core - Added password expiration to password policies Core - Added support for attachments when sending via Devo Send in DVLS Core - Editing an entry now triggers the checkout option Core - Improved image management with the ability to merge duplicate images Core - Improved LDAP domain controller fallback for faster failover Core - Improved the Entry Properties menu to align with RDM, making options easier to find Core - Removed the ability to grant permissions on entries in vaults the user cannot access Core - Renamed "Cleanup Log" to "Log Retention Policies" Core - Renamed "Password Templates" to "Password Policies" Core - Temporary access on a folder now extends to entries created in that folder after the request PAM - Added tier detection during account discovery for domain and Entra ID accounts PAM - Local Account scan results now exclude provider service accounts FIXES Core - Fixed an issue where renaming a folder with a backslash (\) would break the folder Core - Fixed an issue where the password generator would not open when editing an entry Core - Reduced the number of emails sent when Syslog is down PAM - Fixed an error that occurred when adding JIT elevation to a PAM checkout PAM - Fixed an error when importing computers from an AD scan PAM - Fixed an issue where editing Account Life Policies could result in an infinite loading state Web - Fixed an issue where SSH sessions returned "The authentication sequence has failed" when launched in the web client with a linked-to-vault private key Web - Fixed an issue where web sessions could not be opened with a PAM credential Web - Restored the top menu button when opening ARD web sessions Web - Various user interface fixes and improvements ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Improved performance when loading the DVLS instances list Renamed "Standalone Installation" to "Basic Installation" in the Gateway installer

If you are using a client (RDM, PowerShell, etc.), version 2025.2 is required for this DVLS version FIXES SECURITY Core - Fixed an issue where unauthorized users could approve temporary access requests SECURITY Core - Fixed an issue where users could self-approve temporary access requests Core - Fixed an error when importing computers from an AD scan Core - Reduced email notifications when Syslog is down or the instance goes offline Core - Upgraded the MailKit library to resolve email sending issues PAM - Fixed a missing "Password template" field in the PAM account password generator ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Minor updates

If you are using a client (RDM, PowerShell, etc.), version 2025.2 is required for this DVLS version FIXES Core - Fixed a decryption issue in the User Vault Gateway - Cleanup now ignores session recordings associated with nonexistent gateways Gateway - Fixed an issue where the cleanup task skipped some recordings ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Minor updates

If you are using a client (RDM, PowerShell, etc.), version 2025.2 is required for this DVLS version IMPROVEMENTS SECURITY Core - Password History now logs when a user views or clears it FIXES Core - Fixed a potential data corruption issue in user vaults during migration from an SQL data source Core - Fixed an issue where email hyperlinks did not redirect correctly after login Core - Fixed an issue where Syslog was never marked as up, remaining down even after recovery Core - Fixed an issue where the initial Password History date was incorrect when adding an entry through the web client ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Added the ability to force proxy usage via an app settings file

If you are using a client (RDM, PowerShell, etc.), version 2025.2 is required for this DVLS version FIXES Core - Fixed an issue where duplicating a folder inadvertently duplicated entries in the original folder PAM - Fixed an issue where the "Reset Password" and "Check Synchronization" actions were not available for AnyIdentity accounts ** CONSOLE RELEASE NOTES ** FIXES Core - Fixed an issue where installing a new instance was failing

If you are using a client (RDM, PowerShell, etc.), version 2025.2 is required for this DVLS version IMPROVEMENTS PAM - Add gateway support for Windows user provider FIXES Core - External authentication provider token removed prematurely in a load balanced environment Core - Fix entries not synced using VMware synchronizer with an RDP template Core - Fixed Gateway cleanup task skipping some recordings Web - Fixed some dates localization ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Minor updates FIXES Core - Fix database advanced setting being ignored when creating a connection string

If you are using a client (RDM, PowerShell, etc.), version 2025.2 is required for this DVLS version IMPROVEMENTS Add clipboard for web terminal FIXES Fix cannot add certificate entry in RDMW Fix public API: get-entries exception for certain entry types Fix resolving the default values on the checkout policy when updating the policy of the connection Fix Syslog error: missing debug information when unable to connect to the server ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Minor updates

If you are using a client (RDM, PowerShell, etc.), version 2025.2 is required for this DVLS version IMPROVEMENTS Core - Added safeguards to prevent lockouts caused by conditional access policies Web - Enhanced error messaging in the SSH web terminal for better clarity and troubleshooting Web - Introduced a visual indicator to highlight licenses with no users assigned FIXES SECURITY PAM - Resolved an issue where the automatic check-in task could unexpectedly stop Core - The Version field is now correctly included in the Login History report export PAM - Addressed an issue where PowerShell tasks generated by PAM would remain open after a crash PAM - Corrected an issue where SSH scans returned no results PAM - Fixed a bug preventing PAM administrators from browsing OUs in domain accounts PAM - Fixed the heartbeat check running every minute regardless of the configured interval PAM - Resolved a problem where the checkout policy would lose its default values ** CONSOLE RELEASE NOTES ** IMPROVEMENTS Minor updates FIXES Minor updates

If you are using a client (RDM, PowerShell, etc.), version 2025.2 is required for this DVLS version IMPROVEMENTS Core - Added a "Hide Existing" option when importing Entra ID users and user groups Core - Added biometric configuration options for the Workspace app Core - Limited "Syslog server unreachable" email notifications to a single message FIXES SECURITY Core - Fixed an issue where connection permissions could be bypassed through secure messages SECURITY PAM - Fixed an issue where JIT groups were not updated when approving a checkout scheduled for a future date Core - Fixed an error experienced by some users when using syslog Core - Fixed an error when approving temporary access request Core - Fixed an issue where RDP session recordings to remote hosts disconnected after a few seconds Core - Fixed an issue where the Gateway was selected by default in SSH Provider settings and could not be deselected Core - Restored functionality for Gateway Tunnel entries that were not working PAM - Fixed an error where PAM approvers could not approve checkout requests Web - Several UI fixes ** CONSOLE RELEASE NOTES ** FIXES Core - Fixed an error that occurred when connecting to SQL with the "Trust Server Certificate" option enabled

If you are using a client (RDM, PowerShell, etc.), version 2025.2 is required for this DVLS version IMPROVEMENTS REST API - Added support for the username in SSH key FIXES SECURITY Core - Increased the length of emergency codes to fix a vulnerability and prevent brute-force attacks Core - Fixed an issue where the 180-day filter was not working PAM - Fixed an issue where a PAM provider failed to connect through its configured gateway PAM - Fixed an issue where some PAM providers could be lost during an upgrade Web - Fixed an issue where launching a session through the web client failed when the gateway was set to Inherited Web - Fixed an issue where SSH sessions could not connect through the web client when linked to an SSH private key Web - Several UI fixes ** CONSOLE RELEASE NOTES ** FIXES Minor update

If you are using a client (RDM, PowerShell, etc.), version 2025.2 is required for this DVLS version IMPROVEMENTS Core - Improved notification emails to display timestamps in UTC PAM - Added checkout policies for entries and folders PAM - Added OTP configuration for folders FIXES Core - Fixed an error when launching a connection through the web client Core - Fixed an issue where drag-and-drop functionality PAM - Fixed an issue where approving a checkout scheduled for a future date failed PAM - Fixed an issue where the checkout duration was not applied correctly PAM - Fixed an issue where the PAM Domain Provider could not be configured with a Domain Controller Rest API - Fixed an error with the connection tag in the REST API UI Fixes ** CONSOLE RELEASE NOTES ** IMPROVEMENTS UI fixes

If you are using a client (RDM, PowerShell, etc.), version 2025.2 is required for this DVLS version NEW FEATURES Core - Added a "Pending Approval" workflow for entry creation Core - Added a Privileged Session Monitoring tool and a new "Privileged Sessions Monitoring" permission to grant users access to this feature Core - Added Hyper-V dashboard in web interface Core - Added new credential mode "use linked host credentials" Core - Added new permissions for editing VPN/Tunel/Gateway and editing Session Recording configuration Core - Release notes and What's new are now available in the web interface PAM - New provider AWS IAM PAM - New provider PostgreSQL IMPROVEMENTS BREAKING CHANGE Core - Our EULA and TOS are now combined into a single master agreement and include our new solution packages Core - Added recording resolution configuration Core - Added sealed entry feature to linked credentials Core - Added support for including entries when duplicating a folder Core - Added user group support to message & report an issue recipients Core - Improved notification UI Core - Improved SSH key entry and provide tool to generate ssh key easily Core - Improved the launch session button Core - Removed caching for Active Directory and Entra ID Core - Sealed entries can now be deleted Core - Users are now flagged as deleted and permenently removed after a configurable period of time Gateway - Add possibility to save certificate through RDM PAM - Allow to run propagation script in a different user context PAM - Checkout can now be configured optionnal PAM - Improved how AnyIdentity provider can be tested PAM - Removed JIT provisionning template account type. Standard PAM account are now used with a configuration PAM - Restrict SSH key to 1 REST Api - Added support for custom fields FIXES SECURITY Core - Fixed an issue where "Edit permissions" could be bypassed. The permission is now validated server side SECURITY Core - Fixed an issue where Tor exit node was updated even on error Core - Fixed an issue where a user vault could not be accessed in RDM even when allowed for the user Core - Fixed an issue where connecting to DVLS could be long Core - Improved performance when handling a large number of vault entries, making navigation easier Core - Several UI update ** CONSOLE RELEASE NOTES ** IMPROVEMENTS BREAKING CHANGE Our EULA and TOS are now combined into a single master agreement and include our new solution packages FIXES Fixed an issue where the basic installation process was not working Removed sensitive data from the summary page Several UI fixes