05/27/2026
Binarly Transparency Platform 3.41.0 adds VulHunt detection for CVE-2026-33243 in U-Boot, extends CVE-2022-37434 coverage for zlib, updates KSPP kernel hardening rules with a new ARM-specific check, and expands CryptoScan to detect additional cryptographic key formats.
Features
- Additional vulnerability identifier types: Finding data now includes identifiers from the ALSA, Go, HSEC, PSF, and PYSEC vulnerability databases. Finding properties now include provenance metadata showing which analysis component produced each value.
Binarly Analysis Engine
- New Context-Aware Rule Detection (VulHunt, FwHunt, YARA)
- Added VulHunt detection for CVE-2026-33243 in U-Boot, using string reference analysis instead of binary signatures for more reliable detection across firmware versions.
- Extended VulHunt coverage for CVE-2022-37434 (zlib) to include binaries from versions newer than 1.2.12.
- Updated kernel hardening detection rules to reflect current KSPP recommendations.
- Added a dedicated DEBUG_WX detection rule for ARM kernels with kernel version specification.
- Analysis Framework Enhancements
- CryptoScan can now detect PGP and TSS2 (TPM 2.0) private and public keys, and PKCS#12 private keys.
- CryptoScan now extracts and parses EC keys across all supported private key formats (SSH, PGP, PKCS#12).
Bug Fixes
Deployment
- Duplicate podAntiAffinity in Helm chart: Fixed an issue where
podAntiAffinityconfiguration was declared twice when set in Helm values, causing chart application failures for clusters with this setting configured.