This release includes 5 security fixes for security teams reviewing exposed deployments.
Published 1mo
Containers & Orchestration
✓ No known CVEs patched
This release patches 5 known CVEs
Affected surfaces
auth
rbac
Summary
AI summaryHarden auto‑heal policies, git source webhooks, stack label permissions, management operations, and vulnerability scan scheduling.
Full changelog
0.76.9 (2026-05-14)
Fixed
- fleet: show capabilities, version, metrics, and stacks for pilot-agent nodes (#1044) (8dd0fce)
- harden auto-heal policies (#1042) (e7a3b54)
- harden git source webhooks (#1033) (c31d48b)
- harden stack label permissions (#1036) (b523230)
- harden stack management operations (#1046) (5461bc3)
- harden vulnerability scan scheduling (#1035) (328a984)
- monitor: parallelize per-container stats fetch in evaluation cycle (#1045) (2dda1be)
- schedules: align Schedules surface with backend tier gate for Skipper admins (#1047) (44e40af)
Security Fixes
- Harden auto-heal policies — mitigates unauthorized policy changes
- Harden git source webhooks — prevents injection attacks
- Harden stack label permissions — restricts unauthorized modifications
- Harden stack management operations — limits excessive privileges
- Harden vulnerability scan scheduling — ensures timely and secure scans
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About Sencho
All releases →Related context
Related tools
Beta — feedback welcome: [email protected]