RegScale 6.31.1.5
[6.31.1.5] 07-15-2026
Known Limitations and Important Information
This release is a hotfix that is only applicable to the 6.31.1.x releases. If your current version is equal to or greater than the 6.32.0.0 release DO NOT APPLY this hotfix.
Enhancements
POA&M Custom Rules
Added support for configurable custom rules for Plans of Action and Milestones (POA&Ms), providing organizations with greater flexibility to tailor POA&M management to their internal processes and compliance requirements.
Automated Cyber Reportable Risk Flagging
Enhanced automation for POA&Ms and milestones by automatically setting the Cyber Reportable Risk flag based on configured workflows, helping ensure reportable risks are consistently identified and tracked.
Improved Test Result Export Labels
Updated the eMASS test result exports to include the [r5] prefix on applicable controls, providing clearer identification of NIST SP 800-53 Revision 5 content.
Updated CIA Value Color Scheme
Refined the visual presentation of Confidentiality, Integrity, and Availability (CIA) values by introducing an updated color scheme for Low impact ratings, improving readability and consistency across the platform.
Hardware and Software Export Improvements
Improved hardware and software inventory exports by eliminating duplicate component assets, resulting in cleaner and more accurate exported data.
Fixes
Vulnerability Status Board Asset Counts
Resolved an issue where the Vulnerability Status Board always displayed zero affected assets, ensuring accurate asset counts are presented.
Issue Milestone Persistence
Fixed a problem that could cause milestones created on issues to disappear after creation. Milestones are now retained correctly.
FedRAMP POA&M Export Asset Completeness
Resolved an issue where FedRAMP POA&M exports could omit associated assets. Exports now include the complete set of related assets.
Over Time Dashboard Stability
Fixed an issue where the Over Time dashboard reset the selected time period when switching tabs and could display stale data from a previously viewed SSP. The selected timeframe and displayed data now remain accurate throughout navigation.
Scan History Ordering
Corrected the ordering of entries on the Scan History tab so scan history is displayed in the expected chronological order.
CIS/CRM Import Status Mapping
Resolved an issue affecting CIS/CRM imports where setting controls could incorrectly populate the Other Status field. Imported status values are now mapped correctly.
Security Fixes
Updated HTML-to-PDF Conversion Engine Dependencies
Resolved multiple security vulnerabilities affecting the HTML-to-PDF conversion component used for document and report exports. The underlying third-party dependencies were updated to address several critical and high-severity security issues in the legacy rendering engine. This update strengthens the security of PDF generation while maintaining existing export functionality.
Customer impact: Improved security for document and report export capabilities with no expected changes to the end-user experience.
Updated OpenAPI/Swagger Dependencies
Updated the OpenAPI and Swagger components used to generate REST API documentation to remediate a high-severity security vulnerability in a transitive dependency. This enhancement improves the security posture of the API documentation framework while preserving compatibility with existing API documentation and developer workflows.
Customer impact: Enhanced security for API documentation generation with no expected changes to published APIs or the Swagger user experience.
