Eggplant Generator 26 Release Notes

This page contains the release notes for all the 26.x versions of Eggplant Generator (hereafter called "Generator").

Generator Release 26.2.1 (May 2026)

Version 26.2.1 of Eggplant Generator includes the following fixes and updates:

Security Fixes

Generator 26.2.1 remediates the following security vulnerabilities:

Dependency	Old Version	New Version	CVE(s)	Notes
aiohttp	3.13.3	3.13.5	CVE-2026-34520	C parser accepted null bytes / control chars in response headers (HTTP response splitting)
axios (frontend)	1.13.x	1.15.2	CVE-2025-62718	NO_PROXY hostname normalization bypass; potential SSRF/proxy-bypass
cryptography	46.0.6	46.0.7	CVE-2026-39892	Buffer overflow / out-of-bounds read via Python Buffer Protocol
mako	1.3.11	1.3.12	CVE-2026-44307	Template injection vulnerability in expression parsing
requests	2.32.5	2.33.1	CVE-2026-25645	extract_zipped_paths path traversal fix
langgraph-prebuilt	1.0.9	1.0.11	Critical CVE	Critical vulnerability in 1.0.9; upgraded to 1.0.11
react-doc-viewer	@cyntler/react-doc-viewer	react-doc-viewer	AJV CVE (transitive)	Replaced deprecated package; AJV v6

Generator Release 26.2 (April 2026)

Version 26.2 of Eggplant Generator includes the following enhancements and fixes:

Features

Generator version 26.2 contains the following new feature:

License Management

Generator now provides a dedicated License management page that gives administrators full visibility and control over product licenses directly from the Generator web app. This new page enables you to view, add, and delete Generator licenses within the Generator web app. For more information see Managing Generator Licenses.

info

The License management page is accessible to administrator users only.

Security Fixes

Generator 26.2 remediates the following security vulnerabilities:

Dependency	Remediated Vulnerabilities / Libraries Upgrades
pyarrow	Upgraded from 21.0.0 to 23.0.1 (CVE-2023-47248)
pypdf	Upgraded from 6.7.0 to 6.9.1 (CVE-2026-33123)
langchain-core	Upgraded from 1.2.14 to 1.2.22 (CVE-2026-34070)
certifi	Upgraded from 2025.11.12 to 2026.2.25
chromadb	Upgraded from 0.6.3 to 1.5.2
datasets	Upgraded from 4.5.0 to 4.8.3
fastapi	Upgraded from 0.128.0 to 0.135.1
json-repair	Upgraded from 0.57.1 to 0.58.6
langchain	Upgraded from 1.2.10 to 1.2.14
langgraph	Upgraded from 1.0.6 to 1.0.8
langgraph-prebuilt	Upgraded from 1.0.6 to 1.0.8
nltk	Upgraded from 3.9.1 to 3.9.3
psutil	Upgraded from 5.9.8 to 7.2.2
rapidfuzz	Upgraded from 2.15.1 to 3.14.3
rich	Upgraded from 13.9.4 to 14.3.3
setuptools	Upgraded from 80.10.2 to 82.0.0
transformers	Upgraded from 4.57 to 5.3
uvicorn	Upgraded from 0.40.0 to 0.42.0

Generator Release 26.1 (February 2026)

note

This Eggplant Generator version (hereafter called Generator) is 26.1, which we know is a big jump from the previous 1.2 version. The reason for this change is to align Generator with the other Keysight Eggplant Test products versions, including DAI and Eggplant Functional.

Version 26.1 of Generator includes the following fixes:

Security Fixes

Generator 26.1 remediates the following security vulnerabilities:

Dependency	Remediated Vulnerabilities
aiohttp (v3.13.3)	CVE‑2025‑69223
axios (v1.13.2)	CVE‑2025‑58754
braces (v3.0.2)	CVE‑2024‑4068
js‑yaml (v4.1.1)	CVE‑2025‑64718
langchain (v1.0.8)	CVE‑2025‑68664
langgraph (v1.0.7)	Critical security vulnerability
pdfminer.six (v20260107)	BDSA‑2025‑23986
pyasn1 (v0.6.2)	CVE‑2026‑23490
qs (v6.14.1)	CVE‑2025‑15284
react (v19.2.3)	CVE‑2025‑55182, CVE‑2025‑55183
react-router (v7.12.0)	High security vulnerability
react‑is (v19.2.3)	CVE‑2025‑55184
storybook (v10.0.8)	CVE‑2025‑68429
transformer (v4.57.6)	BDSA‑2025‑68101
urllib3 (v2.6.3)	CVE‑2025‑66418, CVE‑2025‑66471
orjson (v3.11.6)	CVE-2025-67221
python-multipart (v0.0.22)	CVE-2026-24486
pyjwt (v2.11.0)	High security vulnerability