Consul

DNS & Service Discovery

Consul is a distributed service mesh and discovery platform that provides secure service‑to‑service communication, health checking, dynamic configuration, and multi‑datacenter support across Linux, macOS, Windows, and FreeBSD.

Track releases GitHub Website

Go Latest v2.0.0 · 10d ago Security brief →

Features

Multi-datacenter aware service discovery
Service Mesh with automatic TLS encryption and identity‑based authorization
API Gateway for traffic routing and policy enforcement
Health checking to detect and isolate unhealthy services
Dynamic application configuration via an HTTP key/value store

Recent releases

View all 6 releases →

Upgrade now

v2.0.0 Mixed 10d

Dependencies

Envoy upgrade + rate limiter + mesh multi‑port

Open

v1.22.7 Breaking risk 1mo

Security fixes

CVE-2026-33186 in google.golang.org/grpc
CVE-2026-24051 (Path Hijacking) in OpenTelemetry
CVE-2026-2808 remediation

Notable features

TokenNameFormat field for auth-method
Replaced hashstructure_v2 with custom implementations

Full changelog

1.22.7 (April 21, 2026)

SECURITY:

security: update google.golang.org/grpc to fix CVE-2026-33186 [GH-23379]
security: upgrade go.opentelemetry.io/otel to 1.42.0 to remediate CVE-2026-24051 (Path Hijacking / Untrusted Search Paths on macOS). [GH-23387]
test-sds-server: bump github.com/hashicorp/consul to v1.22.5 in integration test module to align with the CVE-2026-2808 fixed release line. [GH-23437]
ui: (Enterprise only) Backport Rollup update to 2.80.0 for release/1.21.x to address CVE-2026-27606 (SECVULN-38912). [GH-23359]

IMPROVEMENTS:

acl: Addition of TokenNameFormat field to auth-method and parse the same for token name [GH-23444]
discovery-chain: removes the use of hashstructure_v2 ([github.com/mitchellh/hashstructure/v2] from compiled discovery chain hashing and replaces it with explicit custom hash implementations. [GH-23393]
ui: removed consul docs website related code as it is being maintained in a separate internal repository. [GH-23398]

BUG FIXES: