megachangelog
Snyk logo

Snyk Changelog

Snyk — Security, Compliance product updates and releases, tracked on megachangelog.


AnnouncementJune Update

Rescheduling Snyk Code June Update to June 22

The Snyk Code June Update, including TLS and cryptographic detection improvements for .NET and expanded PHP SQL injection coverage, has been postponed from June 15 to June 22 for final quality validation.

announcementsastcode-scanningsds
Announcement

Prevention Report now available in Early Access

The Prevention Report provides visibility into vulnerabilities developers remediate proactively during creation in Snyk Code and Secrets, tracking security adoption effectiveness across IDE plugins, CLI, and Snyk Studio. Data is captured automatically as teams work to shift security left.

reportingsecuritycode-scanningsecretsdeveloper-experience
Security1.1305.1

Snyk CLI v1.1305.1 released

This release improves rate-limit handling by respecting the X-RateLimit-Reset header for more reliable scans in high-volume environments, and fixes three security vulnerabilities including one in IaC extensions.

clirate-limitingsecurityvulnerabilityreliability
Announcement

New Snyk User Docs site structure

Snyk User Docs have been redesigned and reorganized into six clearly defined site sections including Discover Snyk, Platform administration, Scan/fix/prevent, Developer tools, Agent security, and Data and governance, plus dedicated Getting started and Implementation guides to improve navigation and onboarding.

documentationsite-structureorganizationonboarding
FeatureJune 2026

Snyk Code: June Update

Snyk Code expands security detection for .NET (C# and VB) with improved TLS vulnerability and cryptographic algorithm analysis across standard libraries and third-party packages like BouncyCastle, plus enhanced PHP coverage for SQL injection through database-access wrapper classes.

dotnetsecuritycryptographyphpsast
FeatureMay 26, 2025

Agent Fix: New Agentic Workflow & Claude Model Upgrade

Snyk upgraded Agent Fix to use Claude models with enhanced agentic workflows, including agentic retries that detect and correct deviations from security best practices, dynamic few-shot prompting for secure examples, and full language coverage across all Snyk Code languages. Performance improved significantly with Sonnet and Opus models showing 10+ percentage point gains on Snyk's Golden Test benchmark.

aisecuritycode-remediationclaudeperformance
Feature

OWASP Top 10:2025 Support in Snyk API & Web

Snyk API & Web now supports the OWASP Top 10:2025 standard for compliance reporting, allowing users to generate reports against either the 2025 or 2021 versions.

apicomplianceowaspreporting
Announcement1.1305.0

Announcing Snyk CLI v1.1305.0

Snyk CLI v1.1305.0 introduces the --allow-incomplete-sbom flag for SBOM generation, parallel dependency requests in container monitoring, an experimental breakability evaluation tool for MCP, static Linux binaries, and fixes for npm package aliases, Python .whl file parsing, and dependency vulnerabilities.

clisbomcontainerperformancelinux
Announcement

Snyk Learn: New AI security lessons and refreshed IDE content

Snyk Learn added new lessons on AI secure development, prompt injection, and AI agents, plus refreshed content for IDE integration with developer and admin-focused workflows. New coverage for Python, Rust, and Ruby in OWASP Top 10 path, and a feedback button for users to suggest topics.

learningai-securitytrainingideeducation
Feature

Snyk Studio: Asynchronous Hooks-Based Guardrails for AI Agents

Snyk Studio replaces traditional rules-based guardrails with a new asynchronous, hooks-based architecture that provides deterministic security scans, zero-latency background execution, and improved context window efficiency. The approach now supports multiple Agentic Development Environments with an automated installation script for enterprise deployment.

guardrailsai-agentssecuritystudioagentic-development
Feature

New Analytics Overview Widgets

New widgets added to the analytics overview dashboard display key performance indicators from Snyk Studio and pull request check reports, providing better visibility into your security program.

analyticsdashboardvisibilitysecurityreporting
Security1.1304.2

Snyk CLI v1.1304.2 — Security fixes and Studio improvements

This release addresses multiple vulnerabilities in Go SDK dependencies and adds missing tool annotations to the Snyk Studio MCP server. Users should upgrade to benefit from these security and stability improvements.

clisecuritygolangvulnerabilitiesstudio
Improvement

Improved zero-day report filtering and visibility

Enhanced zero-day report usability with expanded filter options, individual incident breakdown in trend charts, and a new toggle to filter between open and resolved issues in the side panel.

securityzero-dayreportinguifiltering
Feature

Expanded Container JVM Support

Snyk Container now detects vulnerabilities in Java versions beyond OpenJDK 8, expanding from previously limited unmanaged Java container software detection.

containerjvmjavavulnerability-scanningsecurity
Announcement1.1304.1

Snyk CLI v1.1304.1 release

This release improves error handling during maintenance windows with better exit codes, adds Windows x86 and macOS x86 architecture support to Agent Scan, introduces an issues ignore option for CI flexibility, and patches two security vulnerabilities.

cliagent-scanerror-handlingsecuritymacos
ImprovementMay 2026

Snyk Code - Early May 2026 Update

Snyk Code is improving scanning precision across supported languages by tuning Path Traversal severity, adding Apache Camel framework coverage for Java/Kotlin/Groovy, enhancing .snyk exclude patterns with full glob semantics, and reducing false positives in Python archive extraction detection. These changes reduce noise while maintaining detection of genuine security risks.

sastaccuracypythonjavasecurity-tuning
Feature

Identify CISA KEV vulnerabilities for compliance

Snyk added a new Known Exploited Vulnerabilities (KEV) filter that helps you identify and manage risks tracked by CISA as actively exploited in the wild. This filter is available across all pages where issue filters are available for better security backlog management.

securityvulnerabilitiescompliancecisafiltering
Announcement

Announcing Repo Monitor Configuration

Snyk introduces Repo Monitor Configuration, a new Group-level feature that enables centralized management of repository coverage and monitoring configurations across your entire Snyk Group from the Inventory page. This includes centralized asset monitoring, bulk import, on-demand retesting, and actionable error resolution.

inventorymonitoringgroup-managementrepositoriesconfiguration
Feature

Repo Content Sync in Early Access

Repository Content Sync automatically synchronizes your SCM repositories with Snyk, detecting new manifest files and creating projects while deactivating projects when files are deleted. This ensures your Snyk security posture always reflects your current codebase.

repositoriesscmautomationsyncenterprise
Announcement

New stable versions of Snyk IDE plugins

Released new stable versions across all Snyk IDE plugins (VSCode v2.31.0, JetBrains v2.21.0, Eclipse v3.9.0, Visual Studio v2.9.0) with improved stability, reliability fixes including authentication race conditions and CLI fallback handling, and expanded JetBrains compatibility.

idevscodejetbrainseclipsevisual-studio
Feature

Native GraphQL Scanning for Snyk API & Web

Snyk API & Web now supports GraphQL as an API target type with security tests for queries and mutations. Schema ingestion is available via URL, file upload, or direct introspection endpoint fetching, with new authentication settings to support GraphQL targets.

dastgraphqlapiscanningsecurity
Feature

Test target configuration for smoother scans

Added a new Test configuration option to verify target accessibility and settings before running DAST scans. The feature provides real-time feedback on connectivity, authentication, WAF interference, schema validity, and extra hosts.

dastapitestingconfiguration
Feature

Native uv support for Snyk CLI

Snyk now provides native support for the uv Python package manager across the CLI, IDE, and GitHub Actions, enabling high-performance dependency scanning without compromising security.

pythonuvclisecurity-scanningpackage-manager
Announcement1.1304.0

Snyk CLI v1.1304.0 Released

Snyk CLI v1.1304.0 brings new AI governance features with the snyk aibom test command, enhanced Red Teaming insights, improved package health checks in MCP, extended Java runtime binary scanning support, and significant reliability and performance improvements across scanning and dependency resolution.

cliai-governancesecurityperformancecontainer