This release of RHACS fixes the following bugs: * Fixed an issue where Central could perform image scans even when delegated scanning was enabled, due to a race condition during Sensor reconnection. * Fixed an issue where mismatched aggregation fields in Compliance tables and widgets caused inconsistent percentage displays. * Fixed an issue where you ran into Google Kubernetes Engine (GKE) compatibility test failures because the tests still used a deprecated service in RHACS 4.6. * Fixed an issue where you could see the Configuration Management page despite only having Alert permissions, resulting in role-based access control (RBAC) errors. * Fixed an issue where verifying multi-signed images failed due to incorrect error handling. This release of RHACS fixes the following security vulnerabilities: CVE-2024-21536: Flaw in http-proxy-middleware allowed denial of service through unhandled promise rejections in micromatch. CVE-2025-30204: Flaw in jwt-go allowed excessive memory allocation during header parsing, which could lead to a possible denial of service. CVE-2024-57083: Flaw in redoc allowed prototypes in mergeObjects to be tainted, which allowed a denial of service through crafted payloads.