Version 6.6.18

Bug Fixes:

• #11405 Task doesn't refresh on delete
• #11396 The Creation of the Relationship Intrusion set Attributed to Campaign Should Not be Possible
• #11363 "Cant index relation" error when creating entity with default values
• #11359 Discarded ingestion in the worker doesnt report the expectation
• #11265 Add in container popup has broken search
• #11227 Relationship direction icon is incorrect in Observable Knowledge tab
• #11144 Select All observables i a container in draft does not do anything
• #11022 List settings redirection work only with Report
• #10882 Relationship type not translated in background task pop up
• #9915 Wrong color of "action button" in data tables
• #11391 Improve retention manager execution

Pull Requests:

• Update quay.io/keycloak/keycloak Docker tag to v26.2.5 by @renovate in #11289
• Update material-ui monorepo by @renovate in #10320
• Update dependency file-type to v21 by @renovate in #11291
• [frontend] redirect link updated (#11022) by @ValentinBouzinFiligran in #11293
• [frontend] Update NestedMenuButton color and move additional settings into it (#9915) by @Gwendoline-FAVRE-FELIX in #11355
• [frontend] Relationship type translation in background task pop-up (#10882) by @Archidoit in #11354
• Update docker.elastic.co/elasticsearch/elasticsearch Docker tag to v8.18.2 by @renovate in #11332
• [backend] handle new split_bundle_with_expectations signature (#11359) by @JeremyCloarec in #11365
• [backend] STIX 2.0 converter: Malware (#8832) by @marieflorescontact in #10392
• [frontend] Add in container popup has broken search (#11265) by @ValentinBouzinFiligran in #11373
• [frontend] fix delete a task doesn't refresh (#11405) by @delemaf in #11406
• [backend] Improve retention manager execution (#11391) by @richard-julien in #11395
• Update dependency esbuild to v0.25.5 by @renovate in #11344
• Update dependency markdown-to-jsx to v7.7.7 - autoclosed by @renovate in #11345
• Update fontsource monorepo to v5.2.6 by @renovate in #11334
• Update docker.elastic.co/kibana/kibana Docker tag to v8.18.2 by @renovate in #11333
• Update dependency @types/node to v22.15.32 by @renovate in #11287
• Update dependency @langchain/core to v0.3.59 by @renovate in #11286
• Bump brace-expansion from 1.1.11 to 1.1.12 in /opencti-platform/opencti-graphql by @dependabot in #11285
• [frontend] update globalCount when inserting node in relay updated (#11144) by @JeremyCloarec in #11401
• [backend] added missing resolving for default values (#11363) by @JeremyCloarec in #11419
• [frontend] Relationship icon direction updated in Observable Knowledge tab (#11227) by @ValentinBouzinFiligran in #11417

Full Changelog: 6.6.17...6.6.18

Version 6.6.17

Important notice: heavy database migration ⚠️

This release deactivate the migration introduced with OpenCTI 6.6.16, cleaning up activity logs in the database.
Please see the 6.6.16 release note for more details.

Bug Fixes:

• #11312 Managing restricted access is not working on the notes
• #11306 Background task delete all notifications (for everyone)
• #11303 Crash on investigation page

Pull Requests:

• [frontend] Save graph zoom only if there is one (#11303) by @lndrtrbn in #11304
• [backend] removing too heavy cleanup migration script (#11273) by @labo-flg in #11313
• [frontend] add user_id as not cleanable filter keys (#11306) by @JeremyCloarec in #11310
• [frontend] remove Manage Access button from Notes entities (#11312) by @marieflorescontact in #11315

Full Changelog: 6.6.16...6.6.17

Version 6.6.16

Important notice: heavy database migration ⚠️

Release 6.6.16 includes a migration script that cleans up the database following resolution of #10777. Purpose of the migration is to add missing group information on activity logs that were incorrectly generated, and make possible searching and filtering activity logs consistently with respect to the group criteria.
The impacted activity logs are those generated by the platform between 6.6.0 and 6.6.16.
On large platforms with millions of impacted activity records, this migration can take several hours.

We disabled this migration in OpenCTI 6.6.17.

For those who do not need to repair the activity logs and prefer skipping this heavy migration, you can update your platform from 6.6.15 (or a prior release) to 6.6.17 directly.
For those who wants to repair their database this way, you might want to update your platform to 6.6.16 and then to the latest version.

Bug Fixes:

• #11273 [Groups] Group ids are not identified in activity monitoring
• #10777 Can't filter by Group on Activity
• #10299 Indicator decay: update valid until and score when "revoked" changes.
• #9158 [Bulk Search] Searching with MD5 value doesn't work if my File also contains an SHA256

Pull Requests:

• [frontend] Fix bulk search with hashes (#9158) by @SouadHadjiat in #11245
• [backend] compute decay when revoked is changed(#10299) by @aHenryJard in #10714
• [backend] add missing group_ids in user origin (#11273) by @JeremyCloarec in #11275

Full Changelog: 6.6.15...6.6.16

Version 6.6.15

Enhancements:

• #10434 Add Italian language support to the i18n code

Bug Fixes:

• #11177 Wrong log message when adding a "Creator"
• #11138 Invalid setting leading to account lockout
• #11132 Reports originated from RSS feed re-ingested into the platform after deleting it
• #10935 Missing required elements for XXXX creation too high log level
• #10795 In import workflow, the field for copy/paste is not respecting UX standard
• #10786 Exporting dashboard in PDF is broken
• #10778 Can't update nested ref from Observable Knowledge tab
• #10734 2 Deepscan issues landed in master
• #10574 Author not updated through Live Stream

Pull Requests:

• [frontend] Add Italian language support (#10434) by @rpfontana in #11000
• Update dependency graphiql to v4 by @renovate in #10930
• [backend] always update createdBy in full sync if different (#10574) by @JeremyCloarec in #11153
• [backend] Allow marking direct marking deletion (#11112) by @aHenryJard in #11141
• [backend] check language value at user edition (#11138) by @Archidoit in #11143
• [backend] fix current_state_date date format (#11132) by @JeremyCloarec in #11176
• [backend/frontend] Check events restrictions in notifications and remove stream message for creation/deletion notifications by @Archidoit in #10265
• [backend] fix ResourceNotFoundError handling (#10734) by @JeremyCloarec in #11180
• [backend] change idGen error type when no data (#10935) by @JeremyCloarec in #11181
• [dependencies] prepare redis updates to major 8 (#6975) by @aHenryJard in #10973
• [frontend] fix dashboard export to pdf fails when containing donuts (#10786) by @aHenryJard in #11009
• [backend] Fix add creator stream message (#11177) by @SouadHadjiat in #11190
• Improve automatic translations scripts by @labo-flg in #11189
• [frontend] Fix spacing in import files dialog free textarea and stepper (#10795) by @delemaf in #11202
• [frontend] Possibility to update stop_time of a nested ref (#10778) by @Archidoit in #11218
• Align all docker images to node 22 for Drone by @aHenryJard in #11236
• Update opensearchproject/opensearch Docker tag to v3 by @renovate in #11102

New Contributors:

• @rpfontana made their first contribution in #11000

Full Changelog: 6.6.14...6.6.15

Version 6.6.14

Bug Fixes:

• #11135 Improve error message for "Type undefined not supported"
• #11112 Deleting marking with stix API does not propagates to group configuration
• #10975 Prevent update with a decimal score on Indicator, Observable
• #10839 Uploaded file description should be truncated
• #10829 Draft: validation show 0% despite being done
• #10738 YARA Rule Observable Type is being added as "Unknown"
• #10723 When filters open for the first time, they are aligned, then if you re-open, not correctly aligned
• #10661 HTML Heading is STILL broken
• #10590 Rule engine page keeps refreshing
• #10184 Resolve container references Predefined Rule Error with Certain Relationships
• #9092 Filters are not opened automatically like before
• #9065 [Playbook] Changing Author does not work and prevents all edits

Pull Requests:

• [CI] Feature branch on staging by @efaure in #11108
• [backend] set observable type to StixFile for yara patterns (#10738) by @JeremyCloarec in #11111
• [backend] Add a condition on stix delete to use marking deletion (#11112) by @aHenryJard in #11113
• [frontend] fix file type overflow (#10839) by @delemaf in #11110
• [backend/frontend] validate Indicator & Observable score value (#10975) by @marieflorescontact in #11121
• [frontend] [Playbook] Changing Author does not work and prevents all edits (#9065) by @SarahBocognano in #11122
• [frontend] Move page Rules engine to TypeScript (#10590) by @lndrtrbn in #11055
• [backend] remove meta relationships in resolve_container playbook component (#10184) by @JeremyCloarec in #11123
• [frontend] open automatically first filter added (#9092) by @Archidoit in #10495
• [backend] validate indicators & observables score value (#10975) by @marieflorescontact in #11134
• [backend] Check that entity type is defined or raise a detailled error (#11135) by @aHenryJard in #11136
• [frontend] fix headings options in ckeditor (#10661) by @labo-flg in #11114

Full Changelog: 6.6.13...6.6.14

Version 6.6.13

Bug Fixes:

• #11076 Issues with notification for users in platform organization
• #11050 Indicator => knowledge list layout is broken
• #11046 Typo in the word WORKFLOW under customization/report
• #10965 Search keyword in entity history also written for relations history
• #10881 Invalid date / time values can be added using a python program and pycti module
• #10818 Vocabularies screen layout is broken
• #10797 Lines layout is broken in observable / knowledge section
• #10761 Layout is broken when loading the import panel
• #10696 Hover on each line overtakes
• #10616 Opening the import window have incorrect UX behavior
• #10598 History is duplicated when uploading a new version of the file. (upsert)

Pull Requests:

• [frontend] Stix core object history lines (#10965) by @Archidoit in #11042
• [backend] validate date inputs format in validateInputAgainstSchema (#10881) by @JeremyCloarec in #10984
• [frontend] fix broken layout on open import dialog (#10761) by @delemaf in #11019
• [frontend] Fix Hover Indicators/Knowledge view (#11050) by @Gwendoline-FAVRE-FELIX in #11067
• [frontend] In Live streams view and TAXII collections view, the hover overtakes on the line below. (#10696) by @Gwendoline-FAVRE-FELIX in #11065
• [frontend/backend] History message for new version of a file upload (#10598) by @Archidoit in #11038
• [frontend] Lines layout is broken in observable / knowledge section (#10797) by @SarahBocognano in #11071
• [frontend] Vocabularies screen layout is broken (#10818) by @Gwendoline-FAVRE-FELIX in #10960
• [frontend] Typo in the word WORKFLOW under customization/report (#11046) by @Gwendoline-FAVRE-FELIX in #11074
• [backend] fix user_inside_platform_organization handling in context (#11076) by @JeremyCloarec in #11080
• Update dependency amqplib to v0.10.8 by @renovate in #11089
• [frontend] Improve close import file dialog (#10616) by @delemaf in #11107
• Update dependency vite to v6.3.5 by @renovate in #11097
• Update dependency react-router-dom to v6.30.1 by @renovate in #11095
• Update dependency esbuild to v0.25.4 by @renovate in #11091
• Update dependency marked to v15.0.12 by @renovate in #11093
• Update dependency semver to v7.7.2 by @renovate in #11096
• Update dependency webpack to v5.99.9 by @renovate in #11098
• Update dependency html-react-parser to v5.2.5 by @renovate in #11092
• Update dependency monocart-reporter to v2.9.19 by @renovate in #11094
• Update Node.js to v22.16.0 by @renovate in #11086
• Update dependency @mistralai/mistralai to v1.6.1 by @renovate in #11088
• Update opensearchproject/opensearch Docker tag to v2.19.2 by @renovate in #10925
• Update opensearchproject/opensearch-dashboards Docker tag to v2.19.2 by @renovate in #10926
• Update dependency @langchain/core to v0.3.57 by @renovate in #10917

Full Changelog: 6.6.12...6.6.13

Version 6.6.12

Enhancements:

• #11031 Improve dev stacktrace and add dev tool to convert minify stack
• #10087 Add a description to countries

Bug Fixes:

• #11051 Removed organization can lead to build user failure
• #11043 Inability to Add Observables from Report to Another Container (Grouping) for Platform Org Users without "Bypass all capabilities"
• #11034 Email notifications from does not have any sender name
• #11032 When attribute contributing to standard ID is null, other STIX IDs are not cumulated
• #10988 Failed migration doest not stop the platform starts anymore
• #10963 Migration 1742823297613-reindex-targets-rel does timeout
• #10936 Cannot set headers after they are sent to the client in /health api
• #10869 Network traffic objects are being merged unexpectedly
• #10863 2FA cancel button doesn't work
• #10857 Author field cannot be emptied anymore
• #10838 Style in sightings history is different
• #10791 Timeline view filters layout issue
• #10760 Indicators composed with this observable incorrect layout
• #10723 When filters open for the first time, they are aligned, then if you re-open, not correctly aligned
• #10701 Missing entity type filter in relationship creation list
• #10551 [CSV Mapper] Two "Author" field on the Note representation
• #10326 History is incorrect when upserting creators
• #9783 Padding right on data table is too low
• #8766 Wrong name field on relationship overview in knowledge graph
• #8588 [CSV feed] CSV feed flood ingestion with identical data

Pull Requests:

• [frontend] Add a description to countries (#10087) by @SarahBocognano in #10959
• [frontend] Author field cannot be emptied anymore (#10857) by @Archidoit in #10961
• [backend] One prefix missing on cyberark configuration by @aHenryJard in #10986
• [frontend] Fix incorrect layout in Indicators composed with this observable by @CelineSebe in #10977
• [frontend/backend] Edition mutation input updated (#10383) by @ValentinBouzinFiligran in #10952
• [frontend] Fix entity type filter in relationship creation list by @CelineSebe in #10998
• [backend] Fix failed migration should stop the platform (#10988) by @SouadHadjiat in #10999
• [backend/frontend] Introduce better sourcemap and stack analysis script by @richard-julien in #11023
• Update docker.elastic.co/kibana/kibana Docker tag to v8.18.1 by @renovate in #10994
• Update docker.elastic.co/elasticsearch/elasticsearch Docker tag to v8.18.1 by @renovate in #10993
• [backend] add more telemetry data for draft & workbenches (#11014) by @JeremyCloarec in #11015
• [frontend] Relationship start/stop time name uniformization (#8766) by @Archidoit in #10997
• [frontend] Style in sightings history is different (#10838) by @SarahBocognano in #11001
• [backend] Fix history and upserting in specific conditions (#10326, #11032, #11034) by @SamuelHassine in #11033
• [frontend] align filter popover on chip instead of label (#10723) by @frapuks in #11037
• [frontend] replace mutation and button by link to logout (#10863) by @frapuks in #10867
• Update dependency file-type to v20.5.0 by @renovate in #10911
• Update dependency marked to v15.0.11 by @renovate in #10772
• Update quay.io/keycloak/keycloak Docker tag to v26.2.4 by @renovate in #10927
• Update dependency yara-python to v4.5.2 by @renovate in #10924
• Update Node.js to v22.15.1 by @renovate in #10916
• Update dependency rate-limiter-flexible to v7.1.1 by @renovate in #10915
• Update dependency graphql to v16.11.0 by @renovate in #10913
• Update dependency vite to v6.3.4 [SECURITY] by @renovate in #10894
• [frontend] [CSV Mapper] Two "Author" field on the Note representation (#10551) by @SarahBocognano in #10877
• [frontend] Fix MoreVert icon size in dataTable (#9783) by @CelineSebe in #10561
• [frontend] Timeline filters layout (#10791) by @Archidoit in #11053
• [backend] add correct user_inside_platform_organization in taskManager context (#11043) by @JeremyCloarec in #11054

Full Changelog: 6.6.11...6.6.12

Version 6.6.11

Bug Fixes:

• #10897 [BUG] Multiple persona tags on Threat Actor when linked via multiple knowledge graphs
• #9468 Errors while completing the grouping creation form

Pull Requests:

• [frontend] Fix validation errors on changes in creation forms by @CelineSebe in #10728
• [backend] Improving code and test coverage on data sharing by @aHenryJard in #10967
• [CI] add a log file for sync-raw test on jfrog output by @aHenryJard in #10974
• Bump vite from 5.4.18 to 5.4.19 in /opencti-platform/opencti-graphql by @dependabot in #10940
• Update rjsf monorepo to v5.24.10 by @renovate in #10928
• Update dependency axios to v1.9.0 by @renovate in #10909
• Update dependency monocart-reporter to v2.9.18 by @renovate in #10921
• [frontend] Patch to correct duplicate persona chips by @ParamConstructor in #10898

Full Changelog: 6.6.10...6.6.11

Version 6.6.10

Bug Fixes:

• #10946 Live Stream is Not Working with Organization Segregation
• #10945 Http sharing (csv, taxii, stream) blocked data organization segregation sharing
• #10942 Convert to draft feature does not work (workbench)
• #10906 Rule execution on report can trigger outdated update that will produce data revert in playbook system
• #10900 No information about the modified entity in Activity Knowledge update events
• #10890 Having many sessions in User session history is not handled in the UI
• #10794 When adding a location to a threat actor individual, search is broken

Pull Requests:

• [frontend] Fix Search in Add locations of Threat Actor Individuals (#10794) by @Archidoit in #10887
• [frontend] Bug fix for the overflowing User Session area by @daimyo007 in #10787
• [frontend] Saved Filters Edition (#10383) by @ValentinBouzinFiligran in #10808
• Update dependency apexcharts to v4.7.0 by @renovate in #10908
• Update dependency i18n-auto-translation to v2.2.1 by @renovate in #10920
• [backend] Http sharing (csv, taxii, stream) blocked data organization segregation sharing (#10945) by @richard-julien in #10947
• [backend] Rule execution on report can trigger outdated update that will produce data revert in playbook system (#10906) by @richard-julien in #10953
• [frontend] Add an highlight on the saved filters container by @CelineSebe in #10814
• [backend/frontend] Fix convert workbench to draft (#10942) by @SouadHadjiat in #10950
• [frontend] entity context in Activity Knowledge update logs (#10900) by @Archidoit in #10937

Full Changelog: 6.6.9...6.6.10

Version 6.6.9

Bug Fixes:

• #10883 Modify "observable_values" data model format in STIX 2.1 extension
• #10856 In some cases, we have multiple values in "author" (rel_created-by.internal_id)
• #10852 In Knowledge => All relationships view, source type / target type are incorrect
• #10821 No activity log is created when a user updates their own account information
• #10819 Columns not aligned in status template list
• #10793 In investigation, popover for removing is showing checkbox to delete element if no container contains it
• #10759 Initial loader placeholder is broken
• #10742 Too many loaders in the distribution of opinions (3)
• #10436 All attributes are visible when configuring a csv feed sharing
• #9787 CTRL+click is not working on the left menu (top level)
• #9646 [Playbook] Problem displaying “label” filter

Pull Requests:

• Update redis Docker tag to v7.4.3 by @renovate in #10844
• [frontend] update attributes when configuring a csv feed sharing by @CelineSebe in #10776
• [backend] log user self-updates in activity stream (#10821) by @Gwendoline-FAVRE-FELIX in #10822
• [frontend] Columns not aligned in status template list (#10819) by @Gwendoline-FAVRE-FELIX in #10845
• [frontend] CTRL+click on left menu top level (#9787) by @Archidoit in #10864
• [frontend] Provide all entity types for source/target type filters (#10852) by @Archidoit in #10859
• [frontend] Fix the loaders in the distribution of opinions by @CelineSebe in #10836
• [frontend] DataTable: compute table width before calling loading lines (#10759) by @lndrtrbn in #10865
• Update dependency markdown-to-jsx to v7.7.6 by @renovate in #10801
• Update dependency esbuild to v0.25.3 by @renovate in #10800
• Update dependency react-intl to v7.1.11 by @renovate in #10773
• Update dependency @elastic/elasticsearch to v8.18.2 by @renovate in #10770
• Update Yarn to v4.9.1 by @renovate in #10755
• Update dependency webpack to v5.99.7 by @renovate in #10753
• Update dependency three-spritetext to v1.9.6 by @renovate in #10752
• Update dependency recharts to v2.15.3 by @renovate in #10751
• Update dependency openai to v4.96.2 by @renovate in #10750
• Update dependency @langchain/core to v0.3.49 by @renovate in #10749
• Update dependency vite to v6.3.3 by @renovate in #10747
• Update dependency nconf to v0.13.0 by @renovate in #10746
• Update dependency @vitejs/plugin-react to v4.4.1 by @renovate in #10744
• Update dependency jsdom to v26.1.0 by @renovate in #10649
• Update dependency @mistralai/mistralai to v1.6.0 by @renovate in #9977
• Update opentelemetry-python monorepo by @renovate in #9847
• [backend] Revert playbook cron filter rel keys conversion (#9646) by @Archidoit in #10862
• [backend] fix unresolved elements in upsert (#10856) by @JeremyCloarec in #10871
• [backend] keep raw observable value format when converting observableValues in stix (#10883) by @JeremyCloarec in #10884
• [frontend] Removing popover should not show cascade delete in investigations (#10793) by @Archidoit in #10807

Full Changelog: 6.6.8...6.6.9