Version 2026.1.20.0 (June 1, 2026)

If you are using a client (RDM, PowerShell, etc.), version 2026.1 is required for this DVLS version

FIXES

• SECURITY [CVE-2026-9522]PAM - Fixed an access control issue affecting account discovery scan configurations
• SECURITY [CVE-2026-9590]Core - Fixed a permission issue that could allow asset sections to be modified through the API without proper authorization
• SECURITY Core - Fixed synchronizers running against sealed credentials without prompting for unsealing first
• Core - Fixed an error that prevented starting a trial when an invalid email address was entered
• Core - Fixed sign-in issues when using Entra App Proxy with MFA and pre-authentication enabled
• PAM - Fixed a regression where the OTP field was not displayed for checked-out accounts using inherited OTP settings
• Web - Fixed the Clipboard Privacy warning dialog's "Do not show again" option not being respected
• Web - Fixed trailing spaces being saved in Tags and Notification Subscription exact-match filters

** CONSOLE RELEASE NOTES **

FIXES

• Core - Fixed the inability to edit additional access URIs in the Kestrel configuration