Version 2026.1.16.0 (May 5, 2026)

If you are using a client (RDM, PowerShell, etc.), version 2026.1 is required for this DVLS version

FIXES

• SECURITY [CVE-2026-5146] Core - Closed a security gap allowing notification actions without authentication
• Core - Fixed a configuration error causing app settings to fail loading
• Core - Fixed admins receiving expiration alerts for other users' vault items
• Core - Fixed an issue where deleting a user could remove all users from the list
• Core - Fixed incorrect backup failure alerts and cleanup issues on Linux/Docker
• Core - Fixed unreliable installation of IIS ASP.NET Core Module on new Windows Server setups
• PAM - Fixed visibility selector closing too early when creating a new vault
• Web - Fixed "Disable MFA" dialog not closing after confirmation
• Web - Fixed default authentication method being ignored in Domain mode
• Web - Fixed empty notification banners appearing across admin pages
• Web - Fixed error dialogs showing blank content instead of messages
• Web - Fixed incorrect warning when saving entries with compromised passwords
• Web - Fixed login page defaulting to Domain authentication when set to "None"
• Web - Fixed reveal/copy actions targeting the wrong field after sorting entries
• Web - Fixed Security Dashboard crash when navigating after resolving ignored issues
• Web - Multiple UI improvements and fixes

** CONSOLE RELEASE NOTES **

IMPROVEMENTS

• Core - Added a support package generator to quickly collect diagnostics and configuration for faster issue resolution