Skip to main content
05/13/2026
Binarly Transparency Platform 3.35.1 adds secret validity to the findings grid, extends analysis to standalone UEFI Management Mode modules, expands the UEFI knowledge base, adds U-Boot firmware image support, ships VulHunt detection for CVE-2026-33243, and improves scan completion performance.

Features

Secrets

  • Secret validity in the findings grid — Secret findings now include a Validity column showing whether each detected secret is confirmed active (Valid), confirmed inactive (Invalid), or could not be checked (Undetermined).

Findings

  • Active filter visual indicator — Columns with an active filter now display a visual indicator in the grid header, making it immediately clear which columns are currently filtered.

Performance

  • Faster scan completion — Vulnerability database lookups during scan finalization are now executed outside the database transaction. This reduces contention when many findings require VDB lookups, cutting overall scan completion time.

Binarly Analysis Engine

  • New Platforms/Formats
    • VulHunt can now detect vulnerabilities in U-Boot binaries.
    • Added support for extracting and analyzing U-Boot firmware images.
  • New Context-Aware Rule Detection (VulHunt, FwHunt, YARA)
    • Added VulHunt detection for CVE-2026-33243 in U-Boot.
  • Analysis Framework Enhancements
    • Added analysis of standalone Management Mode (MM) UEFI modules.
    • Extended the UEFI knowledge base with 500+ additional GUIDs and updated type libraries for NVIDIA firmware.
    • Improved external function call recovery for x86 PIE ELF binaries.

Bug Fixes

Analysis Engine

  • Cryptographic material processing — Fixed a potential panic when analyzing EC keys that lack a generator point.
  • Execution environment setup — Fixed an issue in the analysis execution environment that could cause scan failures in certain configurations.
  • Missing firmware components in scan results — Fixed an issue where components referenced only through archive directory entries were excluded from analysis, causing some firmware contents to not appear in scan results.

Cryptographic materials

  • Bulk download in the cryptographic assets grid — Selecting multiple assets and triggering bulk download now works correctly. Previously the action completed without downloading anything.

Findings

  • Default issue status filter when navigating from the sidebar — Opening the findings page via the sidebar now applies the default issue status filter (New and In Progress), consistent with navigating directly to the page.
  • Database search triggers — Disabled database search triggers and the search UI to resolve lock contention issues during scan finalization.

Compare

  • Swap Compare button — Pressing Swap Compare now correctly re-fetches the grid and updates the comparison filter. Previously the swap had no visible effect until manually triggering a reload.