
portainer

v2.33.8 Security

This release includes 24 security fixes and is relevant to security teams reviewing exposed Portainer deployments.

Topics: docker, docker-deployment, docker-swarm, docker-ui, kubernetes, moby, portainer, ui

Summary (AI-generated)

Fixed a Docker API proxy authorization bypass allowing regular users to circumvent deny-plugin restrictions.

Full changelog

Known issues

  • On Async Edge environments, an invalid update schedule date can be displayed when browsing a snapshot

Known issues with Podman support

  • Podman environments aren't supported by the auto-onboarding script
  • It's not possible to add Podman environments via socket when running a Portainer server on Docker (and vice versa)
  • Only CentOS 9 with rootful Podman 5 is supported

Changes

  • Fixed a Docker API proxy authorisation bypass that allowed regular users to circumvent deny-plugin restrictions
  • Changed a default setting to enforce server-side EdgeID on first connection
  • Fixed a path traversal vulnerability in custom template handling
  • Fixed unauthorized access to custom template file contents via a direct API endpoint
  • Removed the option to pass a JWT token as a query string parameter
  • Removed the possibility to clone Git repositories that contain symlinks
  • Fixed a bind mount restriction bypass via HostConfig.Mounts during container creation
  • Fixed a bind mount restriction bypass during Swarm service creation
  • Fixed a container capabilities and sysctl restriction bypass during Swarm service creation
  • Fixed an error handling condition in the database
  • Added missing return statements to prevent continued execution after failed authorisation checks
  • Fixed an issue where Edge stack deployment retries stopped working
  • Resolved the following CVEs:
    • CVE-2026-25679
    • CVE-2026-27139
    • CVE-2026-27142
    • CVE-2026-32280
    • CVE-2026-32281
    • CVE-2026-32282
    • CVE-2026-32283
    • CVE-2026-32288
    • CVE-2026-32289
    • CVE-2025-58058
    • CVE-2026-1229
    • CVE-2026-24051
    • CVE-2026-25934
    • CVE-2026-32285
    • CVE-2026-32952
    • CVE-2026-33186
    • CVE-2026-33762
    • CVE-2026-34165
    • CVE-2026-35206
    • CVE-2026-35469
    • CVE-2026-39882
    • CVE-2026-39883
    • GHSA-3xc5-wrhm-f963
    • GHSA-xmrv-pmrh-hhx2

Deprecated and removed features

Deprecated features

None.

Removed features

None.

Breaking Changes

  • Removed the option to pass a JWT token as a query string parameter
  • Changed default setting to enforce server-side EdgeID on first connection
  • Removed the possibility to clone Git repositories that contain symlinks

Security Fixes

  • CVE-2026-25679
  • CVE-2026-27139
  • CVE-2026-27142
  • CVE-2026-32280
  • CVE-2026-32281
  • CVE-2026-32282
  • CVE-2026-32283
  • CVE-2026-32288
  • CVE-2026-32289
  • CVE-2025-58058
  • CVE-2026-1229
  • CVE-2026-24051
  • CVE-2026-25934
  • CVE-2026-32285
  • CVE-2026-32952
  • CVE-2026-33186
  • CVE-2026-33762
  • CVE-2026-34165
  • CVE-2026-35206
  • CVE-2026-35469
  • CVE-2026-39882
  • CVE-2026-39883
  • GHSA-3xc5-wrhm-f963
  • GHSA-xmrv-pmrh-hhx2


About portainer

Making Docker and Kubernetes management easy.


Related context

Earlier breaking changes

  • v2.42.0: Removal of the legacy CSRF fallback feature flag.
