Enterprise TruRisk™ Platform Release 10.38.2
April 2, 2026
Qualys Vulnerability Management (VM)
KnowledgeBase Enhancement - Support for KnowledgeBase and Search List for Deep Scan QIDs
Deep Scan, available for Qualys Cloud Agent VM scans, improves detection accuracy by inspecting deeper file system locations, increasing coverage for non-standard application paths, and enhancing visibility into modern and custom-built workloads. Cloud Agents can perform both traditional and Deep Scans without impacting agent performance, enabling security teams to close blind spots commonly missed by traditional scans.
This feature is now available with this release. For more information, refer to Enterprise TruRiskTM Platform Release 10.37.2.
Issues Addressed
The following reported and notable customer issues are fixed in this release:
| Component/Category | Application |
Description |
| VM - Knowledge Base | Vulnerability Management | When users with the Manager role attempted to view CVE ID details for certain QIDs in their subscription on the KnowledgeBase listing page, the associated CVE ID data was missing in the CVE ID column. Relevant code changes have been made to fix the issue. |
| VM - User Management | Vulnerability Management | When users deleted Scanner or Reader accounts using the No New Owner option, scheduled scans and other items owned by that user were not deleted, instead, ownership was incorrectly transferred to the primary user, and asset groups continued to display the deleted user as the owner. This occurred because the deletion logic executed after certain transfers, causing Scheduled Scans, Option Profiles, Report Templates, and Search Lists to be reassigned rather than removed. The logic has now been corrected. These items are properly deleted for Scanner and Reader users when No New Owner is selected, while Scheduled Reports are transferred to the POC for Scanner users and deleted for Reader users. Asset group ownership is now handled correctly. This behavior is now documented in the Online Help. |
| VM - API General | Vulnerability Management | When users attempted to executed the CVE detection API using the endpoint /api/3.0/fo/asset/host/vm/cve_detection/, the request did not proceed as expected and returned an error, which caused the API to stop its normal function. Relevant code changes have been made to fix the issue. |
| VM - Report Schedule | Vulnerability Management | When users received scheduled reports via email, they encountered unexpected changes to the downloaded file names, causing automation workflow failures. This issue occurred after the VMRS service was enabled, as the file‑naming behavior was controlled by VMRS response headers. This issue is now fixed by updating the file-naming logic to use system-aligned names while preserving the original file extension. With this fix, customers can now again receive scheduled report files in the expected format, restoring compatibility with existing automation. |
| VM - Purge Assets | Vulnerability Management | When users purged a large number of assets from Asset Search, the UI did not display a confirmation message and appeared to stop responding, even though the purge completed successfully. The purge workflow has now been improved to ensure that a proper confirmation message is displayed consistently, even when processing large asset sets. Users may continue purging assets through the UI or API as needed. |
| VM - VMSP | Vulnerability Management | When users tried to select the Close Vulnerabilities on Dead Hosts option in the Option Profile during a scan launch, it did not work on Agent-tracked assets in their system. These agents were no longer checking, and users expected QIDs to close automatically. Despite continuous assets being marked as dead hosts, the QIDs were still not being closed. This behavior occurred because the Close Vulnerabilities on Dead Hosts option supports only IP‑tracked assets. This behaviour is now documented in the Online Help. |
| VM - API General | Vulnerability Management | When users launched a host list detection API using the endpoint /api/5.0/fo/asset/host/vm/detection/? to obtain results in CSV format, the Last Processed Datetime column information was displayed in an incorrect column. The CSV file also displayed column mismatches in the output. Relevant code changes have been made to fix the issue. |
| VM - Assets | Vulnerability Management | When users tried to download the assets for the Tracking Consistency Check (Address Management > Filters > Check IP Tracking > Download), the CSV file downloaded was blank. Relevant code changes have been made to fix the issue. Now the complete list is downloadable in the CSV format when Download is selected. |
| VM - Assets | Vulnerability Management | When users opened the Applications tab under Assets, the page did not load correctly, and the search filters caused confusion, especially because the UI displayed OR between the Network and IP/Netblock fields, even though both fields were required together. This wording has now been corrected, and replaced with a hyphen (-). Additionally, the OR label between the Asset Group and Network Selection fields has been replaced with AND, depending on the account type: network‑enabled or network‑disabled. With this update, the Applications tab loads as expected, and the search experience is consistent and clear for both the accounts types. This behavior is now documented in the Online Help. |
| VM - Knowledge Base | Vulnerability Management | When the users executed the KnowledgeBase API endpoint, /api/4.0/fo/knowledge_base/vuln/ with nocache parameter set to 1, the API request returned an empty response. Relevant code changes have been made to fix the issue. |