Product Updates

Announcing Snyk CLI v1.1304.2

Fix

We are pleased to announce Snyk CLI release v1.1304.2.

This release contains fixes and minor improvements. To learn more beyond what is highlighted below, please reference the full release notes.

This update includes the following:

If you have any questions, feel free to reach out to the Snyk support team. We encourage everyone to upgrade to the latest version to take advantage of these improvements.

Matt Dolan | Senior Product Manager

Expanded Container JVM Support

Improved

We are pleased to announce expanded JVM support for Snyk Container vulnerability scanning. Previously, detection for unmanaged Java container software was limited to OpenJDK 8 binaries. With this update, customers can now identify vulnerabilities in their container images for Java versions beyond OpenJDK 8.

This update includes the following:

  • Support for Eclipse Temurin and Adoptium OpenJDK distributions that follow the standard /opt/java/openjdk/release layout.

  • Automatic detection via file fingerprinting with no manual action required to enable it.

This feature is gradually rolling out to General Availability (GA) across CLI and Container Registry (CR) integrations.

If you have any questions, feel free to reach out to the Snyk support team.

Announcing Snyk CLI v1.1304.1

Fix

We are pleased to announce Snyk CLI release v1.1304.1.

This release contains fixes and minor improvements. To learn more beyond what is highlighted below, please reference the full release notes.

This update includes the following:

If you have any questions, feel free to reach out to the Snyk support team. We encourage everyone to upgrade to the latest version to take advantage of these improvements.

Matt Dolan | Senior Product Manager

Announcing native uv support for the Snyk CLI

Early access

Python is at the heart of the modern AI revolution, but for many developers the packaging ecosystem has felt like a bottleneck, burdened by slow installs and fragmented tooling. The emergence of uv has changed that, offering a high-performance alternative that has quickly become the industry standard.

Today, we are excited to announce that Snyk is bringing native support for uv to the Snyk CLI, IDE, and GitHub Actions. This integration ensures that teams can embrace the speed of uv without ever having to trade off on security.

With this update, Snyk enables you to seamlessly integrate uv security scanning directly into your existing Snyk workflows, wherever you are using the CLI.

What’s supported?

Native uv support is currently in Early Access. During this phase, you can use the following commands to secure your uv projects via the CLI:

  • snyk test: Scan your uv dependencies for known vulnerabilities.

  • snyk monitor: Continuously monitor your project and receive alerts for new risks.

  • snyk sbom: Generate a Software Bill of Materials for your uv-based applications.

In addition to the CLI, this support extends to the Snyk IDE extensions, MCP server, and GitHub Actions, providing security coverage wherever you code.

Getting started

If you were part of the closed beta, you can begin using these features immediately on the latest stable release of the CLI (v1.1304). Otherwise, please enable the preview by navigating to the Snyk UI and toggling the feature under Snyk Preview.

What’s next?

We are committed to full-ecosystem support for uv. While this release focuses on the CLI and developer tools, SCM support will follow in the upcoming months.

Documentation

Please see the documentation for more information.

Johann Sutherland

Announcing Snyk CLI v1.1304.0

New

We are pleased to announce the latest stable Snyk CLI release, v1.1304.0.

We are introducing the following key improvements in this version. To learn more about bug fixes and additional enhancements beyond what is highlighted below, please reference the full release notes.

This update includes the following:

  • Snyk Evo

    • Accelerate AI Governance and Security: Generate an AI-BOM and instantly validate it against your tenant's Evo policies using the new snyk aibom test command.

    • Enhanced Red Teaming insights: Agent Red Teaming scanned output now includes a vulnerability summary for quicker triage. This release also brings improved JSON support and new exhaustive and eager modes.

  • MCP

    • Faster setup: Improved auto-enable behavior for Snyk Code.

    • Ensure Reliable Package Quality: Package health checks are now fully promoted to the stable release channel, providing consistent and reliable risk information.

  • Container

    • Extended support for Java runtime binary scanning.

  • Additional Reliability and Performance Improvements

    • Increased stability with explicit network retry configuration, option to force global Maven usage, faster Golang scans, improved dependency resolution for Go, Yarn, and Python, and enhanced resilience against non-fatal Maven build errors.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team. We encourage everyone to upgrade to the latest version to take advantage of these new features and improvements.

Matt Dolan | Senior Product Manager

snyk_package_health_check for Snyk Studio is now available in Full profile

Improved

Following our previous announcement, snyk_package_health_check is now available in the Full (default) profile for Snyk MCP.

This capability brings Secure at Inception protection to dependency selection in agentic development workflows, enabling AI agents to evaluate open-source packages before they are added to a project using insights from Snyk’s Security Database.

snyk_package_health_check is now generally available and enabled by default for supported ecosystems: npm, PyPI, Maven, NuGet, and Golang.

What’s new

  • Now included in the Full (default) profile - snyk_package_health_check is enabled by default for Snyk-supported MCP workflows.

  • Package health checks across four dimensions: Security, Maintenance, Community, and Popularity.

  • Clear guidance outcomes to help manage agent behavior, including Healthy, Review recommended, Not recommended, and Unknown/insufficient data.

Why this matters

  • Available by default - snyk_package_health_check is now included in the Full profile, so customers get dependency health checks in MCP workflows without additional setup.

  • Ready for production use - With this move to the Full profile, customers can confidently integrate Secure at Inception into their standard development workflows.

If you have any questions, please reach out to the Snyk Support team. To learn more about snyk_package_health_check, visit the Snyk documentation.

Noa Yaffe-Ermoza | Product Manager

Announcing Snyk CLI v1.1303.2

Fix

We have released a new CLI hotfix (v1.1303.2) to address the following:

  • Security Fixes

    • We have implemented a fix for a vulnerability identified in our underlying gRPC library.

  • Snyk Open Source

    • Optimized Privilege Evaluation: Resolved a bug where the CLI repeatedly checked user feature flags when scanning multiple Go projects, resulting in smoother performance.

    • Enhanced PackageURL Handling: Fixed an issue where Go projects using a replace directive with relative paths would encounter formatting errors.

  • Snyk Container

    • Go Standard Library: This update introduces expanded support for the Go Standard Library within Snyk Container scans.

  • Snyk Evo (Agent Red Teaming)

    • Attack Profiles: Users can now leverage the --profile flag to choose from pre-configured attack goals, including fast, security, and safety profiles.

    • Improved Terminology: We have updated our internal naming conventions for goals, strategies, and attacks to provide a more intuitive user experience.

    • Improved Onboarding: Interactive wizard to guide users through Agent Red Teaming configuration and setup.

Release notes can be found here.

If you have any questions, please don’t hesitate to reach out to the Snyk support team.

Announcing Snyk CLI v1.1303.1

Fix

We have released a new CLI hotfix (v1.1303.1) to address the following:

  • IDE plugins: Fixes an issue where customers using our most recent IDE plugins release may encounter scans not triggering when Snyk Code is enabled in their IDE settings

  • UI: Fixes an issue where JSON output was rendered twice to disk and to standard output

  • MCP: Fixes an issue where Snyk rules were not written locally

Release notes can be found here.

If you have any questions, please don’t hesitate to reach out to the Snyk support team.


Announcing snyk_package_health_check for Snyk Studio

New

Starting February 25, 2026, we are introducing snyk_package_health_check for Snyk Studio. This update brings Secure at Inception protection to dependency selection in agentic development workflows, ensuring that AI coding assistants evaluate open-source packages before they enter your project.

As AI coding assistants increasingly select and install dependencies autonomously, security must move earlier in the workflow. This feature enables AI agents to use insights from the Snyk security database to evaluate packages at the moment they are chosen.

This functionality is available in an Experimental profile for several supported ecosystems, including npm, PyPI, Maven, NuGet, and Golang.

New capabilities

  • Package health checks across four dimensions: Security, Maintenance, Community, and Popularity.

  • Clear guidance outcomes to help manage agent behavior, including Healthy, Review recommended, Not recommended, and Unknown/insufficient data.

  • Policy-driven guardrails that allow Organizations to require health checks, pause on risk signals, block unsafe packages, and enforce human approval.

Why this matters

Evaluating package health before installation reduces supply chain risk, which is critical because AI agents can introduce dependencies at scale. Integrating snyk_package_health_check into MCP extends your security policies and governance directly into AI-assisted development.

If you have any questions, please reach out to the Snyk Support team. To learn more about snyk_package_health_check, visit the Snyk documentation.


Noa Yaffe-Ermoza | Product Manager

Announcing Snyk CLI v1.1303.0

New

We are pleased to announce the latest stable Snyk CLI release, v1.1303.0.

We are introducing the following key improvements in this version. To learn more about bug fixes and additional enhancements beyond what is highlighted below, please reference the full release notes.

This update includes the following:

  • Snyk Open Source

    • Multiple enhancements to sbom test

      • JSON output will now include the additional fields (isDisputed, severityBasedOn, alternativeIds) for richer vulnerability context and reporting.

      • For Maven and npm projects, new dependency scope information (for example, dev vs. production) helps teams understand which vulnerabilities affect production code.

  • Additional changes

    • AIBOM users can now persist their AIBOMs to their Snyk Organization using --upload and --repo flags.

    • Redteam users can view an HTML report for easier stakeholder review.

Release notes can be found here.

If you have any questions, feel free to reach out to the Snyk support team. We encourage everyone to upgrade to the latest version to take advantage of these new features and improvements.