Release notes for the July, 12 2026 update¶
Update Version 4.1.202607102103
New Features¶
Added support for Microsoft Graph sessions using native PowerShell clients¶
Added support for establishing Microsoft Graph sessions from native PowerShell clients, enabling secure, Zero Trust access to Microsoft Graph APIs for managing Microsoft Entra ID, Azure, and Microsoft 365 environments.
The integration supports credential injection, role-based access control (RBAC), access request and approval workflows, session suspension and termination, and session logging for auditing and compliance.
Added Personal Site support for application users¶
Added support for Personal Sites, allowing application users to securely store and access personal non-shared credentials and other sensitive information in isolated areas of the vault.
Assets stored in Personal Sites integrate with browser extensions to securely fill login forms on web portals. Sensitive information can also be shared using short-lived, secure Safe Links.
Personal Sites promote better security hygiene by providing users with a secure location to store web portal credentials and other sensitive information that falls outside the organization's centrally managed accounts and policies.
Site administrators can explicitly grant users permission to provision and use Personal Sites, enabling organizations to control their deployment and adoption across the enterprise.
Extensions¶
-
Added descriptive labels to tasks on the asset view screen to distinguish whether each task runs on the main or related asset, and to indicate its trigger type.
-
Added the option for Web HTTP sessions and the browser password autofill extension to use default field names in addition to the field names defined by the asset's page schema by preceding page schema entries with the plus sign (+).
-
Added the option to retrieve the decrypted history of an asset field value from backup during Break Glass access, limited to a specified number of previous values.
-
Added support for Elliptic Curve (EC) public keys when connecting to Windows RDP hosts using native desktop and mobile RDP clients.
Security¶
Security Improvements¶
Components Update¶
-
Updated application WEB framework to the latest version.
-
Updated application WEB container to the latest version.
-
Updated database access component to the latest version.
-
Updated data processor component to the latest version.
-
Updated SSH client, server and proxy components to the latest version.
-
Updated internal scripting component to the latest version.
-
Updated Code Editor view and state components to the latest version.
-
Updated PostgreSQL driver to the latest version.
-
Updated network streaming component to the latest version.
-
Updated Informix driver to the latest version.
-
Updated client side markdown processing component to the latest version.
Fixes¶
-
Fixed the issue that caused duplicate site roles to be displayed on the current user information card in the login toolbar when accessing sub-sites.
-
Fixed the issue with duplicated AI Manager role on the site roles management screen.
-
Fixed the issue with extra permissions allowed to unprivileged users for certain operations in the vault.
-
Fixed the issue with the Assets by Type dashboard chart displaying assets from the sub-sites.
-
Fixed the issue where server-side errors displayed in the Web Console could cause users to be logged out.
-
Fixed the issue where the Web Session control box remained on the screen longer than necessary after session initialization or after it was no longer in use.
-
Fixed the issue where Web HTTP sessions and the browser password autofill extension continued to use default field names in addition to the field names defined by the asset's page schema.
-
Fixed the issue with displaying the list of backups with incomplete or broken individual backups.