Prowler

v5.27.1 Bugfix

This release fixes issues for SREs watching stability and regressions.

Published 13d Offensive & Pentesting

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

aws azure cis-benchmark cloud cloudsecurity compliance

+12 more

cspm security forensics gcp gdpr hardening iam multi-cloud python security-audit security-hardening security-tools

ReleasePort's take

Light signal

editorial:auto 13d

The Prowler SDK release 5.27.1 fixes false positives in the s3_bucket_shadow_resource_vulnerability and sqlserver_tde_encrypted_with_cmk checks.

Why it matters: Update to version 5.27.1 immediately to eliminate misleading security findings that affect all monitored buckets and Azure SQL servers.

Summary

AI summary

Fixed false findings in s3_bucket_shadow_resource_vulnerability and sqlserver_tde_encrypted_with_cmk checks.

Changes in this release

Type	Severity	Summary	CVE
Bugfix	Medium	s3_bucket_shadow_resource_vulnerability no longer emits tautological PASS for every bucket; produces finding only when bucket name matches predictable service patterns. s3_bucket_shadow_resource_vulnerability no longer emits tautological PASS for every bucket; produces finding only when bucket name matches predictable service patterns. Source: llm_adapter@2026-05-21 Confidence: high	—
Bugfix	Medium	sqlserver_tde_encrypted_with_cmk check for Azure provider no longer reports false FAIL for SQL Servers correctly encrypted with a customer-managed key by excluding system master database from evaluation. sqlserver_tde_encrypted_with_cmk check for Azure provider no longer reports false FAIL for SQL Servers correctly encrypted with a customer-managed key by excluding system master database from evaluation. Source: llm_adapter@2026-05-21 Confidence: high	—

Full changelog

SDK

🐞 Fixed

s3_bucket_shadow_resource_vulnerability no longer emits a tautological PASS finding for every bucket; a finding is now produced only when the bucket name matches one of the predictable service patterns (Glue, SageMaker, EMR, CodeStar) (#11220)
sqlserver_tde_encrypted_with_cmk check for Azure provider no longer reports a false FAIL for SQL Servers whose user databases are correctly encrypted with a customer-managed key, by excluding the system master database (always reports TDE Disabled and is not customer-controllable) from the TDE evaluation (#11233)

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Prowler

Get notified when new releases ship.

About Prowler

Tool based on AWS-CLI commands for Amazon Web Services account security assessment and hardening.

All releases →

Prowler

ReleasePort's take

Summary

Changes in this release

SDK

🐞 Fixed

Related context

Related tools