November 26, 2025
v25.11.0 - 26 November 2025
New features
- The Secrets screen now supports selecting and referencing secrets from SEM integrations in addition to manually entered name–value pairs. This allows more secure and centralized secret management
- Added WebLogic support for JAVA Shark sensor
Improvements
- Replaced old POST deletion methods with standard DELETE endpoints for a more consistent API. The POST endpoints are now deprecated—please update your integrations.
- Masked sensitive data in request/response details
Resolved issues
- Fixed an issue showing the wrong Vulnerability Database (VDB) version
- Fixed a cache cleaning issue
- Fixed Intel instance assignment issue for On-prem Cloud Provider
- Fixed an issue for 3-legged authorization code flow
- Added RegEx validation to prevent invalid patterns causing scan failures
- Agent auto updater can use encrypted proxy credentials in the appsettings.json.
- Fixed Discrepancy in the permission count of the Roles.
- Addressed SSL errors in certificate-based environments by adding support for the IgnoreSslCertificateErrors parameter
- Fixed Unable to Load Scan Session & Unable to Find Scan Files error
- Containerized Agents stucking auto update issue resolved.
Notes for Verifying the Hash Value for Package Integrity in Invicti Enterprise On-Premises
The hash value for the "25.11.0.zip" file is provided below. You can verify the integrity of the file by checking its hash value using one of the outlined methods:
Release Package Hash Value: BF5E9AF5C09CB7D4A3318F96B1B9D5B7B7881EAE7D56066294A5A6BCB84C0FD1
Methods to Verify the Hash Value:
PowerShell (Windows):
Get-FileHash -Path "25.11.0.zip" -Algorithm SHA256
Command Prompt (Windows):
certutil -hashfile "25.11.0.zip" SHA256
Linux or macOS:
sha256sum "25.11.0.zip"