Prowler

v5.29.2 Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 12h Offensive & Pentesting

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

aws azure cis-benchmark cloud cloudsecurity compliance

+12 more

cspm security forensics gcp gdpr hardening iam multi-cloud python security-audit security-hardening security-tools

Affected surfaces

deps

ReleasePort's take

Moderate signal

editorial:auto 11h

The Vitest toolchain was upgraded from version 4.0.18 to 4.1.8, resolving two critical pnpm audit advisories.

Why it matters: Critical security fixes are applied by upgrading Vitest; operators should adopt the update immediately.

Summary

AI summary

Updates https://github.com/prowler-cloud/prowler/pull/11424, 🐞 Fixed, and 🔄 Changed across a mixed release.

Changes in this release

Type	Severity	Summary	CVE
Security	Critical	Vitest toolchain upgraded from 4.0.18 to 4.1.8 clearing two critical pnpm audit advisories Vitest toolchain upgraded from 4.0.18 to 4.1.8 clearing two critical pnpm audit advisories Source: llm_adapter@2026-06-03 Confidence: high	—
Feature	Low	Account and provider-type selector triggers now show the provider icon with a non-deduped icon stack Account and provider-type selector triggers now show the provider icon with a non-deduped icon stack Source: granite4.1:30b@2026-06-03-audit Confidence: low	—
Bugfix	Medium	Add Provider modal now closes without reloading the providers page Add Provider modal now closes without reloading the providers page Source: llm_adapter@2026-06-03 Confidence: high	—
Bugfix	Medium	Users page shows "Delete User" only on current user's row Users page shows "Delete User" only on current user's row Source: llm_adapter@2026-06-03 Confidence: high	—

Full changelog

UI

🔄 Changed

Account and provider-type selector triggers now show the provider icon, with a non-deduped icon stack (#11424)

🐞 Fixed

Add Provider modal now closes without reloading the providers page (#11424)
Users page now shows the "Delete User" action only on the current user's row, matching the backend rule that a user can only delete their own account (#11447)

🔐 Security

Vitest toolchain upgraded 4.0.18 → 4.1.8 to clear two critical pnpm audit advisories (#11424)

Security Fixes

Vitest upgraded from 4.0.18 to 4.1.8 to clear two critical pnpm audit advisories

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Prowler

Get notified when new releases ship.

About Prowler

Tool based on AWS-CLI commands for Amazon Web Services account security assessment and hardening.

All releases →