Run the release drafter to populate the release notes.

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.58.0

• Fix SARIF parser crash on empty extensions @kleomartiny (#14898)
• Rename title to 'Open-Source Permissions' @paulOsinski (#14908)
• docs: add 2.58.3 and 2.58.4 release notes to Pro changelog @Maffooch (#14926)
• 🐛 fix cyclonedx missing vector field #14874 @manuel-sommer (#14884)
• [docs] Improve Snyk parser documentation with export instructions and enterprise workflow @balaakasam (#14675)
• Add docs for Products and Assets @dangoelz (#14876)
• May docs maintenance @paulOsinski (#14880)
• rename CLAUDE.md to AGENTS.md @valentijnscholten (#14873)
• Expose created/updated date filters for Risk Acceptance API (created_before/after, updated_before/after) @PDFour4 (#14786)
• Scope report views to the requesting user's authorized products @Maffooch (#14870)
• Anchor location finding reference authorization to the finding's own product @Maffooch (#14871)
• Remove gitpython @dogboat (#14808)
• Update changelog for v2.58.2 release notes @Maffooch (#14854)
• Fix URLs and expand Lychee coverage @Maffooch (#14855)
• ⚡ speed up migrate_endpoints_to_locations (~14× fewer queries) @Maffooch (#14841)
• docs: Add Components page and glossary entry @Jino-T (#14840)
• [docs] locations (pro feature), maintenance @paulOsinski (#14834)
• feat(importers): apply import-time tags per batch before post-processing, do not tag old findings @valentijnscholten (#14839)
• perf(tags): centralize tag inheritance + replace signal disconnect with batch context manager (Phase B) @valentijnscholten (#14827)
• perf(tags): bulk-propagate inherited tags + gate child post_save on create @valentijnscholten (#14812)
• Add mitigation finding filters and complete mitigation filter tests @bendnema (#14790)
• cascade delete: prepare preview_only parameter @valentijnscholten (#14810)
• test: add background param to import all unit tests command @valentijnscholten (#14805)
• perf(dupe-delete): use bulk_delete_findings + correlated subquery in async_dupe_delete @valentijnscholten (#14797)
• test: pin query-count baselines for tag inheritance hot paths @valentijnscholten (#14811)
• Update changelog for May 2026 release (v2.58.0) @Maffooch (#14807)
• endpoint: optimize eq via product_id @valentijnscholten (#14806)
• Fix broken links @paulOsinski (#14802)

🚩 Changes to settings.dist.py / local_settings.py

• perf(watson): prefetch relations + force async indexing @valentijnscholten (#14881)
• perf(tag inheritance): batch_mode + per-batch bulk during import + reorganize @valentijnscholten (#14877)
• Dojo V3 - Tailwind UI rebuild, legacy authorization, OS surface removals @devGregA (#14865)
• feat(parsers): add Xygeni JSON parser (SAST, SCA, Secrets) @lmrb-1968 (#14769)
• 🎉 add ksa security advisory @manuel-sommer (#14809)

🚩 Database migration

• Dojo V3 - Tailwind UI rebuild, legacy authorization, OS surface removals @devGregA (#14865)
• remove: Credential Manager (2.57 deprecation, 2.59 EOL) @Maffooch (#14836)
• remove: Stub Findings (2.57 deprecation, 2.59 EOL) @Maffooch (#14837)

🚀 API features and enhancements

• refactor: rename dispatch kwarg sync= to force_sync= @valentijnscholten (#14882)
• Apply object-level permission check to finding duplicate API actions @Maffooch (#14866)
• Dojo V3 - Tailwind UI rebuild, legacy authorization, OS surface removals @devGregA (#14865)
• remove: Credential Manager (2.57 deprecation, 2.59 EOL) @Maffooch (#14836)
• Use a dedicated permission class for BurpRawRequestResponseViewSet @Maffooch (#14838)
• remove: Stub Findings (2.57 deprecation, 2.59 EOL) @Maffooch (#14837)
• remove: questionnaire API endpoints (2.56 deprecation, 2.59 EOL) @Maffooch (#14835)

🖌 Updates in UI

• Dojo V3 - Tailwind UI rebuild, legacy authorization, OS surface removals @devGregA (#14865)
• remove: Credential Manager (2.57 deprecation, 2.59 EOL) @Maffooch (#14836)
• remove: Stub Findings (2.57 deprecation, 2.59 EOL) @Maffooch (#14837)

🗣 Updates in localization

• Add pt-BR locale translation @GraoMelo (#14909)
• add russian locale @polishchukd (#14799)

🧰 Maintenance

• Update dependency kubernetes from 1.33.11 to v1.33.12 (.github/workflows/k8s-tests.yml) @renovate (#14891)
• Update manusa/actions-setup-minikube action from v2.16.1 to v2.18.0 (.github/workflows/k8s-tests.yml) @renovate (#14893)
• Update postgres Docker tag from 18.3 to v18.4 (docker-compose.yml) @renovate (#14894)
• Update python:3.14.5-slim-trixie Docker digest from 3.14.5 to 3.14.5-slim-trixie (Dockerfile.integration-tests-debian) @renovate (#14895)
• chore(deps): bump pyjwt from 2.12.1 to 2.13.0 @dependabot (#14919)
• chore(deps): bump django-prometheus from 2.4.1 to 2.5.0 @dependabot (#14921)
• chore(deps): bump django-permissions-policy from 4.29.0 to 4.30.0 @dependabot (#14905)
• chore(deps): bump django-htmx from 1.21.0 to 1.27.0 @dependabot (#14907)
• chore(deps-dev): bump @tailwindcss/cli from 4.2.4 to 4.3.0 in /components @dependabot (#14904)
• chore(deps): bump lxml from 6.1.0 to 6.1.1 @dependabot (#14903)
• chore(deps): bump vulners from 3.1.9 to 3.1.10 @dependabot (#14901)
• chore(deps): bump alpinejs from 3.15.11 to 3.15.12 in /components @dependabot (#14902)
• chore(deps): bump requests from 2.34.0 to 2.34.2 @dependabot (#14900)
• chore(deps): bump ruff from 0.15.12 to 0.15.13 @dependabot (#14899)
• Update python Docker tag from 3.13.13 to v3.14.5 (Dockerfile.nginx-alpine) @renovate (#14863)
• Update valkey Docker tag from 0.20.1 to v0.20.2 (helm/defectdojo/Chart.yaml) @renovate (#14857)
• chore(deps): update peaceiris/actions-hugo action from v3.0.0 to v3.2.1 (.github/workflows/validate_docs_build.yml) @renovate (#14859)
• chore(deps): update python:3.13.13-slim-trixie docker digest from 3.13.13 to v (dockerfile.integration-tests-debian) @renovate (#14856)
• chore(deps): update release-drafter/release-drafter action from v7.2.1 to v7.3.0 (.github/workflows/release-drafter.yml) @renovate (#14864)
• chore(deps): bump requests from 2.33.1 to 2.34.0 @dependabot (#14861)
• chore(deps): bump pdfmake from 0.3.7 to 0.3.8 in /components @dependabot (#14862)
• Update peaceiris/actions-gh-pages action from v4.0.0 to v4.1.0 (.github/workflows/gh-pages.yml) @renovate (#14858)
• chore(deps): bump urllib3 from 2.6.3 to 2.7.0 @dependabot (#14853)
• chore(deps): bump gitpython from 3.1.49 to 3.1.50 @dependabot (#14845)
• chore(deps): bump django from 5.2.13 to 5.2.14 @dependabot (#14846)
• chore(deps): bump @babel/plugin-transform-modules-systemjs from 7.29.0 to 7.29.4 in /docs @dependabot (#14844)
• chore(deps): bump django from 5.2.13 to 5.2.14 @dependabot (#14843)
• Update valkey/valkey Docker tag from 9.0.3 to v9.0.4 (docker-compose.yml) @renovate (#14831)
• chore(deps): bump social-auth-app-django from 5.8.0 to 5.9.0 @dependabot (#14826)
• chore(deps): bump drf-spectacular-sidecar from 2026.4.14 to 2026.5.1 @dependabot (#14825)
• chore(deps): bump gitpython from 3.1.49 to 3.1.50 @dependabot (#14823)
• chore(deps): bump psycopg from 3.3.3 to 3.3.4 @dependabot (#14822)
• chore(deps): bump django-polymorphic from 4.11.2 to 4.11.3 @dependabot (#14821)
• chore(deps): bump pyopenssl from 26.1.0 to 26.2.0 @dependabot (#14818)
• chore(deps): bump easymde from 2.20.0 to 2.21.0 in /components @dependabot (#14817)
• Update losisin/helm-values-schema-json-action action from v2.5.0 to v3 (.github/workflows/test-helm-chart.yml) @renovate (#14816)
• Update actions/labeler action from v6.0.1 to v6.1.0 (.github/workflows/pr-labeler.yml) @renovate (#14815)
• Update losisin/helm-docs-github-action action from v1.8.0 to v2 (.github/workflows/test-helm-chart.yml) @renovate (#14814)
• Update valkey Docker tag from 0.20.0 to v0.20.1 (helm/defectdojo/Chart.yaml) @renovate (#14813)

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.58.3

• 🐛 fix cyclonedx missing vector field #14874 @manuel-sommer (#14884)

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.58.2

• Add docs for Products and Assets @dangoelz (#14876)
• May docs maintenance @paulOsinski (#14880)
• rename CLAUDE.md to AGENTS.md @valentijnscholten (#14873)
• Scope report views to the requesting user's authorized products @Maffooch (#14870)
• Anchor location finding reference authorization to the finding's own product @Maffooch (#14871)
• Remove gitpython @dogboat (#14808)
• Update changelog for v2.58.2 release notes @Maffooch (#14854)
• Fix URLs and expand Lychee coverage @Maffooch (#14855)
• ⚡ speed up migrate_endpoints_to_locations (~14× fewer queries) @Maffooch (#14841)
• docs: Add Components page and glossary entry @Jino-T (#14840)

🚀 API features and enhancements

• Apply object-level permission check to finding duplicate API actions @Maffooch (#14866)

🧰 Maintenance

• chore(deps): bump urllib3 from 2.6.3 to 2.7.0 @dependabot (#14853)

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.58.1

• [docs] locations (pro feature), maintenance @paulOsinski (#14834)
• Update changelog for May 2026 release (v2.58.0) @Maffooch (#14807)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 add ksa security advisory @manuel-sommer (#14809)

🚀 API features and enhancements

• Use a dedicated permission class for BurpRawRequestResponseViewSet @Maffooch (#14838)

🧰 Maintenance

• chore(deps): bump gitpython from 3.1.49 to 3.1.50 @dependabot (#14845)
• chore(deps): bump django from 5.2.13 to 5.2.14 @dependabot (#14846)
• chore(deps): bump @babel/plugin-transform-modules-systemjs from 7.29.0 to 7.29.4 in /docs @dependabot (#14844)
• chore(deps): bump django from 5.2.13 to 5.2.14 @dependabot (#14843)

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.58.0

• endpoint: optimize eq via product_id @valentijnscholten (#14806)
• Fix broken links @paulOsinski (#14802)

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.57.0

• perf test: cover unsaved tags and vulnerability_ids @valentijnscholten (#14796)
• async delete: remove obsolete outside scope delete @valentijnscholten (#14798)
• fix(sonarqube): mdDesc fallback @samiat4911 (#14770)
• Jira webhook: stop mis-mitigating findings on non-"done" issues @paulOsinski (#14716)
• Fix #14623: Add created and updated date filters to ApiRiskAcceptance… @NasorHidar (#14754)
• add OS + Pro Engagement articles @dangoelz (#14583)
• fix(coverity-api): add support for RESOURCE_LEAK quality findings @Jino-T (#14749)
• add Test docs for OS and Pro @dangoelz (#14750)
• test: extend and consolidate tag inheritance tests into test_tag_inheritance.py @valentijnscholten (#14771)
• Bulk delete findings: extension hook @valentijnscholten (#14740)
• docs(pro changelog): add 2.57.3 entry @Maffooch (#14768)
• [pro] add DD-Orchestrator upgrade instructions for on-prem customers @paulOsinski (#14747)
• Fix Dependency Track parser missing vulnerability IDs when aliases is empty @valentijnscholten (#14748)
• ci: auto-label release PRs with release-management @Maffooch (#14744)
• 🐛 fix KeyError raised on Engineer Metrics #14737 @manuel-sommer (#14741)
• Fix Contrast parser collapsing findings with the same rule name @Jino-T (#14714)
• docs: global component deduplication @paulOsinski (#14717)
• docs(pro changelog): add 2.57.1 and 2.57.2 entries @Maffooch (#14736)
• docs optimization: use defer instead of async @paulOsinski (#14715)
• chore: reorganize dedupe code @valentijnscholten (#14641)
• perf: bulk-apply parser-supplied per-finding tags during import @valentijnscholten (#14701)
• docs: add CLAUDE.md with module reorganization playbook @Maffooch (#14705)
• 🎉 add fix_available and fix_version to govulncheck @manuel-sommer (#14681)
• Change to reactivating risk accepted findings @Jino-T (#14633)
• Use RBAC for accept_risks API endpoints @Jino-T (#14632)
• Added ssrf utils file to check urls and applied it to risk recon parser @Jino-T (#14631)
• Update dependency renovatebot/renovate from 43.110.14 to v43.112.1 (.github/workflows/renovate.yaml) @renovate (#14674)
• Fix Wazuh 4.8 parser to attach endpoints/locations to findings @DeWaRs1206 (#14629)
• fix(parsers): use unsaved_tags instead of tags= in Finding constructor @valentijnscholten (#14626)
• update invicti parser to use FirstSeenDate @paulOsinski (#14610)
• 🐛 fix govulncheck ndjson ouput #14642 @manuel-sommer (#14671)
• [docs] maintenance and changelog @paulOsinski (#14665)
• chore(deps): bump ruff from 0.15.8 to 0.15.9 @manuel-sommer (#14663)
• Fix/watson DjangoSuspicousOperationException operation exception @valentijnscholten (#14650)

🚩 Changes to settings.dist.py / local_settings.py

• Remove pickle from forms and Celery serializer @Maffooch (#14791)
• fix cascade delete bug and restore default duplicate cluster reconfigure on delete @valentijnscholten (#14772)
• feat(parsers): add Qualys VMDR CSV parser @skywalke34 (#14453)
• refactor: consolidate audit-log code into dojo/auditlog/ package @Maffooch (#14763)
• refactor: consolidate scattered SSO code into a dedicated dojo/sso/ package @Maffooch (#14765)
• refactor: consolidate notifications into dojo/notifications/ package @Maffooch (#14767)
• refactor: consolidate GitHub integration into dojo/github/ package @Maffooch (#14766)
• 🎉 add watchguard security advisory @manuel-sommer (#14742)
• move MAX_ZIP_* to settings @fopina (#14730)
• Add centralized banner system with OS messaging support @Maffooch (#14708)
• 🎉 add mozilla foundation sec advice to vulnid @manuel-sommer (#14703)
• 🎉 add CNNVD to vulnid @manuel-sommer (#14672)

🚩 Database migration

• Locations performance improvements @dogboat (#14718)

🚀 API features and enhancements

• refactor: consolidate notifications into dojo/notifications/ package @Maffooch (#14767)
• refactor: decouple Jira integration into dojo/jira package @Maffooch (#14743)
• Dispatch create-path notifications async to fix slow POST latency @Maffooch (#14731)
• Validate consistency between ID-based and name-based identifiers in import/reimport @Jino-T (#14636)
• Add permission checks for moving engagements between products @Jino-T (#14634)

🖌 Updates in UI

• Remove 'safe' filter from description output @Maffooch (#14789)
• refactor: consolidate scattered SSO code into a dedicated dojo/sso/ package @Maffooch (#14765)
• Fix planned remediation version appearing under Reviewers in findings list @valentijnscholten (#14773)
• refactor: decouple Jira integration into dojo/jira package @Maffooch (#14743)
• Improve SLA breach notification format and display @Maffooch (#14746)
• Add centralized banner system with OS messaging support @Maffooch (#14708)
• fix css overflow issue - reports @paulOsinski (#14666)
• 🎉 add mozilla foundation sec advice to vulnid @manuel-sommer (#14703)
• Clean up endpoint template rendering for user fields @Maffooch (#14682)
• store more parameters in import settings @valentijnscholten (#14673)

🧰 Maintenance

• chore(deps): update release-drafter/release-drafter action from v7.2.0 to v7.2.1 (.github/workflows/release-drafter.yml) @renovate (#14785)
• chore(deps): bump gitpython from 3.1.47 to 3.1.49 @dependabot (#14783)
• chore(deps): bump python-gitlab from 8.2.0 to 8.3.0 @dependabot (#14781)
• chore(deps): bump pyopenssl from 26.0.0 to 26.1.0 @dependabot (#14777)
• chore(deps): bump postcss from 8.5.6 to 8.5.12 in /docs @dependabot (#14759)
• Update python:3.13.13-slim-trixie Docker digest from 3.13.13 to v (Dockerfile.integration-tests-debian) @renovate (#14774)
• Update openapitools/openapi-generator-cli Docker tag from v7.21.0 to v7.22.0 (Dockerfile.integration-tests-debian) @renovate (#14776)
• chore(deps): bump ruff from 0.15.11 to 0.15.12 @dependabot (#14778)
• chore(deps): bump datatables.net from 2.3.7 to 2.3.8 in /components @dependabot (#14780)
• chore(deps): bump vulners from 3.1.8 to 3.1.9 @dependabot (#14782)
• chore(deps): bump social-auth-core from 4.8.6 to 4.8.7 @dependabot (#14784)
• Update dependency renovatebot/renovate from 43.139.4 to v43.141.6 (.github/workflows/renovate.yaml) @renovate (#14751)
• chore(deps): bump gitpython from 3.1.46 to 3.1.47 @dependabot (#14753)
• chore(deps): bump social-auth-app-django from 5.6.0 to 5.8.0 @dependabot (#14724)
• Update dependency node from 24.14.1 to v24.15.0 (.github/workflows/validate_docs_build.yml) @renovate (#14738)
• chore(deps): bump gitpython from 3.1.46 to 3.1.47 @dependabot (#14725)
• Update valkey Docker tag from 0.19.0 to v0.20.0 (helm/defectdojo/Chart.yaml) @renovate (#14739)
• Update actions/setup-node action from v6.3.0 to v6.4.0 (.github/workflows/validate_docs_build.yml) @renovate (#14734)
• Update dependency kubernetes/kubernetes from v1.35.3 to v1.35.4 (.github/workflows/k8s-tests.yml) @renovate (#14733)
• Update dependency kubernetes from 1.33.10 to v1.33.11 (.github/workflows/k8s-tests.yml) @renovate (#14728)
• Update python:3.13.13-slim-trixie Docker digest from 3.13.13 to v (Dockerfile.integration-tests-debian) @renovate (#14727)
• chore(deps): bump ruff from 0.15.10 to 0.15.11 @dependabot (#14726)
• chore(deps): bump social-auth-core from 4.8.5 to 4.8.6 @dependabot (#14723)
• Update python:3.13.13-alpine3.22 Docker digest from 3.13.13 to v (Dockerfile.nginx-alpine) @renovate (#14721)
• Update postgres:18.3-alpine Docker digest from 18.3 to 18.3-alpine (docker-compose.yml) @renovate (#14720)
• chore(deps): bump lxml from 6.0.2 to 6.1.0 @dependabot (#14719)
• Update dependency renovatebot/renovate from 43.112.1 to v43.139.4 (.github/workflows/renovate.yaml) @renovate (#14709)
• Update mccutchen/go-httpbin Docker tag from 2.21.0 to v2.22.1 (docker-compose.override.dev.yml) @renovate (#14697)
• Update softprops/action-gh-release action from v2.6.2 to v3 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#14702)
• Update actions/github-script action from v8.0.0 to v9 (.github/workflows/release-3-master-into-dev.yml) @renovate (#14700)
• Update release-drafter/release-drafter action from v7.1.1 to v7.2.0 (.github/workflows/release-drafter.yml) @renovate (#14699)
• chore(deps): bump lxml from 6.0.2 to 6.0.4 @dependabot (#14692)
• Update valkey Docker tag from 0.18.0 to v0.19.0 (helm/defectdojo/Chart.yaml) @renovate (#14696)
• Update docker/build-push-action action from v7.0.0 to v7.1.0 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#14695)
• chore(deps): bump django-dbbackup from 5.2.0 to 5.3.0 @dependabot (#14694)
• Update softprops/action-gh-release action from v2.6.1 to v2.6.2 (.github/workflows/release-x-manual-helm-chart.yml) @renovate (#14693)
• Update peter-evans/create-pull-request action from v8.1.0 to v8.1.1 (.github/workflows/update-sample-data.yml) @renovate (#14691)
• chore(deps): bump ruff from 0.15.9 to 0.15.10 @dependabot (#14690)
• chore(deps): bump pygithub from 2.9.0 to 2.9.1 @dependabot (#14689)
• chore(deps): bump drf-spectacular-sidecar from 2026.4.1 to 2026.4.14 @dependabot (#14688)
• Update actions/upload-artifact action from v7.0.0 to v7.0.1 (.github/workflows/release-x-manual-docker-containers.yml) @renovate (#14686)
• Update actions/cache action from v5.0.4 to v5.0.5 (.github/workflows/validate_docs_build.yml) @renovate (#14685)
• Update python:3.13.13-slim-trixie Docker digest from 3.13.13 to v (Dockerfile.integration-tests-debian) @renovate (#14684)
• Update python:3.13.13-alpine3.22 Docker digest from 3.13.13 to v (Dockerfile.nginx-alpine) @renovate (#14683)
• chore(deps): bump pillow from 12.1.1 to 12.2.0 @dependabot...

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.57.2

• [pro] add DD-Orchestrator upgrade instructions for on-prem customers @paulOsinski (#14747)
• Fix Dependency Track parser missing vulnerability IDs when aliases is empty @valentijnscholten (#14748)
• ci: auto-label release PRs with release-management @Maffooch (#14744)
• 🐛 fix KeyError raised on Engineer Metrics #14737 @manuel-sommer (#14741)
• Fix Contrast parser collapsing findings with the same rule name @Jino-T (#14714)
• docs: global component deduplication @paulOsinski (#14717)
• docs(pro changelog): add 2.57.1 and 2.57.2 entries @Maffooch (#14736)
• docs optimization: use defer instead of async @paulOsinski (#14715)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 add watchguard security advisory @manuel-sommer (#14742)

🚀 API features and enhancements

• Dispatch create-path notifications async to fix slow POST latency @Maffooch (#14731)

🖌 Updates in UI

• Improve SLA breach notification format and display @Maffooch (#14746)

🧰 Maintenance

• chore(deps): bump gitpython from 3.1.46 to 3.1.47 @dependabot[bot] (#14753)
• chore(deps): bump lxml from 6.0.2 to 6.1.0 @dependabot[bot] (#14719)

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.57.1

• docs: add CLAUDE.md with module reorganization playbook @Maffooch (#14705)
• 🎉 add fix_available and fix_version to govulncheck @manuel-sommer (#14681)
• Change to reactivating risk accepted findings @Jino-T (#14633)
• Use RBAC for accept_risks API endpoints @Jino-T (#14632)
• Added ssrf utils file to check urls and applied it to risk recon parser @Jino-T (#14631)

🚩 Changes to settings.dist.py / local_settings.py

• Add centralized banner system with OS messaging support @Maffooch (#14708)
• 🎉 add mozilla foundation sec advice to vulnid @manuel-sommer (#14703)

🚀 API features and enhancements

• Validate consistency between ID-based and name-based identifiers in import/reimport @Jino-T (#14636)
• Add permission checks for moving engagements between products @Jino-T (#14634)

🖌 Updates in UI

• Add centralized banner system with OS messaging support @Maffooch (#14708)
• fix css overflow issue - reports @paulOsinski (#14666)
• 🎉 add mozilla foundation sec advice to vulnid @manuel-sommer (#14703)
• Clean up endpoint template rendering for user fields @Maffooch (#14682)

🧰 Maintenance

• chore(deps): bump pillow from 12.1.1 to 12.2.0 @dependabot (#14680)

Please consult the Upgrade notes in the documentation for specific instructions for this release, and general upgrade instructions. Below is an automatically generated list of all PRs merged since the previous release.

Changes since 2.57.0

• Fix Wazuh 4.8 parser to attach endpoints/locations to findings @DeWaRs1206 (#14629)
• fix(parsers): use unsaved_tags instead of tags= in Finding constructor @valentijnscholten (#14626)
• update invicti parser to use FirstSeenDate @paulOsinski (#14610)
• 🐛 fix govulncheck ndjson ouput #14642 @manuel-sommer (#14671)
• [docs] maintenance and changelog @paulOsinski (#14665)
• chore(deps): bump ruff from 0.15.8 to 0.15.9 @manuel-sommer (#14663)
• Fix/watson DjangoSuspicousOperationException operation exception @valentijnscholten (#14650)

🚩 Changes to settings.dist.py / local_settings.py

• 🎉 add CNNVD to vulnid @manuel-sommer (#14672)

🖌 Updates in UI

• store more parameters in import settings @valentijnscholten (#14673)

🧰 Maintenance

• chore(deps): bump django from 5.2.12 to 5.2.13 @dependabot (#14664)
• chore(deps): bump cryptography from 46.0.6 to 46.0.7 @dependabot (#14660)
• chore(deps-dev): bump vite from 7.3.1 to 7.3.2 in /docs @dependabot (#14651)
• chore(deps): bump lodash from 4.17.23 to 4.18.1 in /docs @dependabot (#14648)