v25.9.0 - 9 September 2025

This update includes changes to the internal agents. The internal scan agent’s current version is 25.9.0. The internal authentication verifier agent’s current version is 25.9.0.

New feature

• Added a new setting, Page Top Warning Banner, under Settings > General > Warning Text Settings. This feature allows administrators to display a persistent, plain-text banner at the top of every page for compliance and informational purposes

Improvements

• Improved Pega version detection
• Improved page performance
• Updated the GitHub Actions plugin to address multiple security vulnerabilities by sanitizing user inputs, validating URLs, and remediating outdated dependencies to ensure compliance with secure coding standards
• Encrypted OAuth2 section in Scan Profile to maintain information security
• Updated GetTags endpoint for Asana integration

Resolved issues

• Resolved the inconsistency between the UI and reports in displaying known issue severity
• Resolved pagination issue on the Agent Group Index page
• Mend-related profiles have been hidden from the UI
• Updated the signature for Mend vulnerabilities to improve management of Mend-related issues. As a result, previously reported vulnerabilities will appear as resolved and then re-detected
• Fixed a UI filter bug where created websites could be incorrectly ignored on the Discovered Websites page
• Fixed authentication and simulation stucks due to script syntax
• Resolved zombie "Pick an app"(OpenWith.exe) processes that runs out resources on Windows servers