NCM 2026.2 release notes
Release date: June 9, 2026
Here's what's new in NCM 2026.2. You can find the applicable system requirements here.
To view release notes, system requirements, and product guide PDFs for supported versions of NCM, see NCM previous versions. To view release notes for multiple versions
NCM runs on the SolarWinds Platform (self-hosted). NCM release notes include the updates from the SolarWinds Platform (self-hosted).
New features and improvements in NCM
There were no features or improvements added for NCM in this release.
New features and improvements in SolarWinds Platform
Discovery Central page
-
A new Discovery Central page provides a single, modern entry point for discovering and managing monitored environments.
-
Users get an overview of what is currently monitored and can discover additional resources from a centralized location.
-
The Discovery Central page is available from the Settings menu and the top right corner of the top menu bar for administrators.
What's New page
The What's New page helps administrators quickly understand new features and important changes after upgrading. This page is meant to be interactive, allowing administrators to click directly into the new feature page. This page shows once for administrators after the first login following an upgrade. Later, it is available as a tab on the new Discovery Central page.
Simplified discovery wizards
-
Discovery wizards now defaults to essential configuration steps and provide links to advanced workflows for more complex scenarios.
High Availability
-
Increased the table view on the HA Pools tab for improved readability.
-
Extended hover behavior across table cells shows pool member roles.
-
Automatic selection of standby members for manual failover in 1:1 HA pools.
-
Simplified and condensed page header.
Engine load balancing
High availability deployments benefit from new engine load balancing, automatically distributing workloads more evenly across engines to improve performance and reliability. See Balance load on additional polling engines in an HA pool.
Expanded maintenance windows scheduling options
Administrators now have additional weekly and monthly scheduling options for maintenance windows, enabling greater flexibility for recurring events.
Alerting Engine – Condition-based suppression
Extended the alerting engine with a native Suppress Condition that applies to all alerts, allowing child alerts to be automatically muted when a related parent object is unhealthy. For example, interface or BGP peer alerts can be prevented from firing when the parent node is down. Suppressed alerts are still recorded for visibility and reporting, but trigger/reset actions and escalations are skipped, reducing alert noise from cascading failures across the environment.
Additional updates
-
Agent communications now support TLS 1.3, enhancing security by using the latest industry‑standard encryption protocols for data in transit.
-
Several enhancements improve the experience of editing and managing Intelligent Maps.
-
Introduced SolarWinds Message Bus Service to replace RabbitMQ.
-
This release only upgrades smaller deployments (fewer than 300 nodes, fewer than 3 polling engines, and not using High Availability).
-
Larger deployments will upgrade to SolarWinds Message Bus in a future release.
-
-
Added support for group Managed Service Accounts (gMSA) for authentication between the SolarWinds Platform and the SQL Server. This reduces reliance on manual service accounts and passwords. Customers can switch to gMSA authentication in the Configuration wizard. See Database authentication types.
-
Users without administrator privileges but with node management permissions can now access the Manage Agents page and manage SolarWinds Platform Agents.
-
DirectLink accounts can no longer be assigned administrator or node-management permissions.
-
Added agent support for RHEL 10.
-
Modern dashboard table widgets can now replace empty values with text "Unknown" instead of a blank value.
-
Added a Nodes with polling issues report. The report shows all nodes with polling issues, including the node name, assigned engine, start time, error code, and error message.
Fixed CVEs
At SolarWinds, we prioritize the swift resolution of CVEs to ensure the security and integrity of our software. In this release, we have successfully addressed the following CVEs.
SolarWinds CVEs
SolarWinds would like to thank our Security Researchers below for reporting on the issue in a responsible manner and working with our security, product, and engineering teams to fix the vulnerability.
| CVE-ID | Vulnerability Title | Description | Severity | Credit |
|---|---|---|---|---|
| CVE-2026-28301 | SolarWinds Observability Self-Hosted Open Redirect Vulnerability | A vulnerability in which an attacker can provide a crafted external URL that may redirect a user to an unintended website. | 4.8 Medium |
Third-party CVEs
| CVE-ID | Vulnerability title | Description | Severity |
|---|---|---|---|
| CVE-2024-29133 | Apache Commons Configuration Out-of-bounds Write Vulnerability | Out-of-bounds write vulnerability in Apache Commons Configuration. This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. | 5.4 Medium |
| CVE-2025-65637 | Logrus Denial-of-Service Vulnerability | A denial-of-service vulnerability exists in the Go logging library Logrus when Entry.Writer() processes a single-line payload larger than 64KB without newline characters. An attacker can trigger a bufio.Scanner failure causing the writer pipe to close permanently, resulting in application logging disruption and potential service unavailability. | 7.5 High |
| CVE-2026-33186 | gRPC-Go Authorization Bypass Vulnerability | An authorization bypass vulnerability exists in gRPC-Go versions prior to 1.79.3 due to improper validation of the HTTP/2 :path pseudo-header. An attacker can send malformed requests without a leading slash to bypass path-based authorization policies and access protected gRPC methods when fallback allow rules are configured. | 9.1 Critical |
Fixed customer issues
| Case number | Description | Platform product |
|---|---|---|
| 00217758, 01009882, 01106411, 01120065, 01133252, 01573128, 01617154, 01994526 | When Views by Device Type for a wireless module is set to default, it is no longer automatically changed to a different device type view. | Platform |
| 01887898 |
Declarative Pipeline YAML parsing now correctly loads YAML definitions on systems using the Turkish locale by using an updated YAML parser, so configuration files are parsed without errors in this regional setting. |
Platform |
| 01894020, 01945929, 02088770 |
World Map management now saves manual map changes correctly on German-language installations, without showing SWIS query errors. |
Platform |
| 01915281 | The performance of modern dashboard table widgets with horizontal threshold bars has been improved. | Platform |
| 01909120 | When a SQL-based alert is triggered for a large number of nodes, the alert is triggered successfully and does not affect the performance of the Web Console. | Platform |
| 02021566 |
An issue that caused the Configuration Wizard to fail with the following error was fixed:
|
Platform |
| 01962578 |
SCP settings that include a path that ends with a backslash ( |
NCM |
| 01975626, 02037128 | All types of widgets can be removed from custom modern dashboards, including previously non-removable system widgets such as wireless access point components, so you can fully customize dashboard layouts. | Platform |
| 01981326, 01997101 | Extra spaces at the beginning or end of custom property values are now removed before the value is saved to the database, so a value with an extra space (for example, "One ") will no longer be seen as different from that value without the extra space (for example, "One"). |
Platform |
| 01961282 | Orphaned record cleanup for the anomaly detection feature now runs more efficiently and removes stale anomaly-based alert and status records without causing heavy SWIS CPU usage in large environments. | Platform |
| 00535994, 02025253 | In the Manage Nodes table, adding the Polling Engine column no longer blocks certain actions such as 'Poll Now', 'Unmanage Now', or 'Export Custom Properties'. | Platform |
| 02049659 | When an item on a World Map has an incorrect instance ID value (for example, two node IDs for the same value), the map no longer fails to render, even if the system logs a clear warning. | Platform |
| 01951065 | When widget settings include an entire URL with the primary web server domain, clicking that widget from an additional web server redirects to the primary web server. However, users that are logged in are no longer prompted to log in again. | Platform |
| 02030565, 02041758, 02046997, 02045991, 02045994 | The installer now performs a preflight check to validate that the .NET8 versions match. Mismatched minor version numbers can cause upgrades to fail or the console to become inaccessible. | Platform |
| 01976650 | Inventory database updates now handle duplicate inventory rows more reliably, helping prevent database errors such as primary key violations, null-value failures, and overflow errors during inventory processing. | NCM |
| 02041303 |
When you create an alert, the trigger condition no longer includes the option Instance of NCM Node because this option failed to display all nodes. Instead, use the option Instance of Node in the trigger condition. |
NCM |
| 02036053 | Agent Management in HA environments now ignores disabled HA pools when sending connection details to agents, so agents no longer keep or receive misleading server information from inactive pool members. | Platform |
| 02040483 |
When you filter nodes displayed in an NCM chart, using a filter that includes custom property values no longer results in the following error:
|
NCM |
| 02041234 |
The WinRM/WMI |
Platform |
| 02049748 | FortiGate bulk discovery now excludes inactive site-to-site tunnels when creating pollers, helping prevent unnecessary polling and collector queue growth in large environments. | Platform |
| 02049748 | Declarative Pipeline collector engine assignment now correctly loads entities on the appropriate polling engine when the engine assignment is defined on a parent entity rather than on the entity itself, preventing misloaded entities and related collector log errors in environments that use this configuration. | Platform |
| 02055264 |
Alert integrations now ensure that when SolarWinds Observability Self-Hosted is integrated with ServiceNow, alert reset status is correctly synchronized to ServiceNow, and the SolarWinds Incident Response alert action works end-to-end so you can select an SIR instance, create incidents from alerts, and track their status updates directly in the SolarWinds Platform. |
Platform |
| 02053174 |
If an alert configuration becomes corrupted in the database, the alerting service no longer fails with the following error:
|
Platform |
| 02059145 | Events resources and summaries now show event times consistently in the correct local time when the SolarWinds server, database server, and browser are in different time zones. | Platform |
| 02032695, 02043746, 02072558 |
An issue was resolved that caused the Configuration Wizard to fail during upgrades with the following message:
|
Platform |
| 02064612 |
In Japanese and German environments, duplicated maps no longer show a different overall status than the original maps, even though they contain the same objects. |
Platform |
| 02043659 |
Network discovery deduplication controls now correctly honor the configuration that disables specific deduplication checks, allowing administrators to discover all intended nodes even when IP, MAC, or other deduplication rules are turned off. |
Platform |
| 01987300, 02071868 | An issue that caused inaccurate End of Sales dates was resolved. | NCM |
| 02077323 |
Toolbar search fields now allow left and right arrow key movement inside the search box on affected pages, so you can move the text cursor with the keyboard as expected. |
Platform |
| 02071573 |
When a bulk update of Linux agents is performed and one or more agents does not have the .NET Framework installed, the update no longer fails. |
Platform |
| 02095727 |
Group and node status in the Web Console now stays consistent between the primary web server and additional web servers. Previously, the same object could show a different status (for example, Critical and OK) after the Configuration Wizard ran. |
Platform |
| 02056947 |
When an agent is assigned to an additional polling engine and automatic node creation is enabled, deploying the agent to the additional polling engine again after a failover to the primary polling engine no longer results in an error. |
Platform |
| 02068408 |
Discovery and report scheduling now correctly run advanced schedules from the specified Starting On date and time, instead of delaying the first run by an extra interval. |
Platform |
| N/A |
You can now change the number of rows shown on the new All Active Alerts page. The page is no longer always limited to 20 results. |
Platform |
| 02085101, 02086241 |
Discovery Ignore List now properly removes interfaces when you choose “Remove from Ignore List,” and those interfaces appear in scheduled discovery results again as expected. |
Platform |
| 02080859 |
Node maintenance schedules now keep all node settings, such as credentials, intact when multiple schedules unmanage or remanage the same nodes at the same time. Previously, some settings could be cleared during these bulk actions. |
Platform |
| 02045539 | Device template selection now handles larger requests more reliably in bigger environments, so selecting nodes in the interactive template workflow no longer fails with an HTTP 500 error when many items are submitted. | NCM |
| 02106984 |
The Platform Connect advanced setting |
Platform |
| 02096472, 02103051, 02096398 |
When a user attempts to open the custom property editor from the legacy Manage Nodes view, the custom property editor now opens as expected instead of intermittently logging the user out and displaying the login dialog. |
Platform |
| 01931015, 02039092, 02093123 |
By default, the GET/POST alert action performs a header validation that can fail if the authorization header is not in the standard format. If this occurs, the centralized setting |
Platform |
| 02119089, 02126304 |
*After you edit a group from the Group Details page, clicking Save or Cancel no longer results in the following error:
|
Platform |
| 02036053, 02098639 | *Agent nodes are no longer blocked from communicating back to their assigned engine when HA is configured. | Platform |
| N/A | *When you add a note when acknowledging an alert, the note is no longer truncated. | Platform |
| 02089204, 02094641 |
*Azure SQL Database with Microsoft Entra ID (formerly Azure AD) authentication now allows the Feature Service and Business Layer to start correctly, so platform services can load and complete setup as expected. |
Platform |
| 02045693, 02124570 |
*Special characters in a gMSA account name no longer prevent authentication. |
Platform |
| N/A | *The Updates page now shows the correct previous product version on the My Deployment > Updates tab, so you see the latest service release from the prior version instead of only the immediately preceding release. | Platform |
| 02108292 | *After switching to the modern UI, the All Active Alerts dashboard no longer resets to the legacy UI after a domain account user logs in again. | Platform |
| 02100252 | *On modern dashboards, a global filter no longer fails to filter out data when the filter is based on a custom property. | Platform |
| 02101788, 02105439 | *Network Atlas maps show the correct status for interfaces. | Platform |
| 02104040, 02127790, 02128135, 02108652. 02108815, 02129182 | *Policy compliance reports now evaluate advanced config search rules correctly, so compliance results are consistent and no longer show incorrect violations for the same device configuration. | NCM |
| 02045443 | *Managed Nodes no longer displays duplicate HA cluster members. | Platform |
| 01997061, 02121747 | *When a KPI widget on a modern dashboard includes a link, reordering the widget no longer causes the link to stop working. | Platform |
| 01953554, 02081294 | *The logic for matching CVEs to nodes has been improved to avoid incorrect matches. | Platform |
*This fix was added after the RC release.
Installation or upgrade
For new SolarWinds Platform deployments, download the installation file from the product page on https://www.solarwinds.com or from the Customer Portal. For more information, see Get the installer.
To activate your product in an existing SolarWinds Platform deployment, use the License Manager.
For upgrades, go to Settings > My Deployment to initiate the upgrade. The SolarWinds Installer upgrades your entire deployment (all SolarWinds Platform products and any scalability engines). For details about upgrading from earlier versions, see Supported upgrade paths.
For more information, see the SolarWinds Platform Product Installation and Upgrade Guide.
For supported upgrade paths, see Upgrade an existing deployment.
Known issues
Last updated: June 9, 2026
SolarWinds Platform installation or upgrade to version 2026.2 fails with Product Catalog Signature Validation (Authenticode UnknownError) due to missing root certificate
When you run the SolarWinds installer or start a Centralized Upgrade (CU), the installer verifies the digital signature of the product catalog before continuing. This check confirms the download is authentic and has not been tampered with.
The signature check relies on the Windows machine having the correct root certificate in its Trusted Root Certification Authorities store. If that root certificate is missing or outdated, Windows cannot validate the signature and the installation stops with an error.
Affected actions:
-
Running the online or offline installer
-
Running a Centralized Upgrade (CU)
-
Upgrading to SolarWinds Platform 2026.2 (both online and offline installers)
Resolution or workaround: For a workaround, see SolarWinds Platform Install or Upgrade to 2026.2 Fails with Product Catalog Signature Validation (Authenticode UnknownError) Due to Missing Root Certificate.
End of life
| Version | EoL announcement | EoE effective date | EoL effective date |
|---|---|---|---|
| 2024.2 | June 9, 2026: End-of-Life (EoL) announcement – Customers on NCM version 2024.2 or earlier should begin transitioning to the latest version of NCM. | July 9, 2026: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for NCM version 2024.2 or earlier will no longer actively be supported by SolarWinds. | July 9, 2027: End-of-Life (EoL) – SolarWinds will no longer provide technical support for NCM version 2024.2. |
| 2024.1 | February 10, 2026: End-of-Life (EoL) announcement – Customers on NCM version 2024.1 or earlier should begin transitioning to the latest version of NCM. | March 12, 2026: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for NCM version 2024.1 or earlier will no longer actively be supported by SolarWinds. | March 12, 2027: End-of-Life (EoL) – SolarWinds will no longer provide technical support for NCM version 2024.1. |
| 2023.4 | October 21, 2025: End-of-Life (EoL) announcement – Customers on NCM version 2023.4 or earlier should begin transitioning to the latest version of NCM. | November 20, 2025: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for NCM version 2023.4 or earlier will no longer actively be supported by SolarWinds. | November 20, 2026: End-of-Life (EoL) – SolarWinds will no longer provide technical support for NCM version 2023.4. |
| 2023.3 | October 21, 2025: End-of-Life (EoL) announcement – Customers on NCM version 2023.3 or earlier should begin transitioning to the latest version of NCM. | November 20, 2025: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for NCM version 2023.3 or earlier will no longer actively be supported by SolarWinds. | November 20, 2026: End-of-Life (EoL) – SolarWinds will no longer provide technical support for NCM version 2023.3. |
| 2023.2 | June 10, 2025: End-of-Life (EoL) announcement – Customers on NCM version 2023.2 or earlier should begin transitioning to the latest version of NCM. | July 10, 2025: End-of-Engineering (EoE) – Service releases, bug fixes, workarounds, and service packs for NCM version 2023.2 or earlier will no longer actively be supported by SolarWinds. | July 10, 2026: End-of-Life (EoL) – SolarWinds will no longer provide technical support for NCM version 2023.2. |
See the End of Life Policy for information about SolarWinds product life cycle phases. To see EoL dates for earlier NCM versions, see NCM release history.
End of support
This version of NCM no longer supports the following platforms and features.
SolarWinds Platform Agent support for Windows Server 2008 R2, Windows 7
Windows Server 2008 R2 and Windows 7 reached End of Life and are no longer supported by SolarWinds Platform Agents. To continue monitoring them, consider switching the polling method to remote monitoring with WMI.
Deprecation notice
The following platforms and features are still supported in the current release. However, they will be unsupported in a future release. Plan on upgrading deprecated platforms, and avoid using deprecated features.
Windows Server 2016
Windows Server 2016 is deprecated as of 2026.2. It is still available and supported in the current release, but will be removed in a future release.
Unmanage Scheduling Utility
The Unmanage Scheduling Utility (Unmanage Task Editor) is deprecated as of 2026.2 and will be removed in a future release. To ensure continued support, schedule all new tasks using the web console Manage Schedules page.
Apache Mesos
Apache Mesos container monitoring is deprecated and will no longer be available in a future release. Migrate your monitored environment to Docker or Kubernetes 1.23+.
Kubernetes 1.16 - 1.22
Kubernetes 1.16 - 1.22 container monitoring is deprecated and will be removed in a future release. SolarWinds recommends upgrading your cluster to version 1.23 or later, then re-adding the service in SolarWinds Observability Self-Hosted.
SQL Server 2016
SQL Server 2016 is deprecated as of 2025.2. It is still available and supported in the current release, but will be removed in a future release. Consider using SQL Server 2022 or later.
Network Atlas
Network Atlas is deprecated as of Orion Platform 2020.2. It is still available and supported in the current release, but will be removed in a future release. Deprecation is an indication that you should avoid expanded use of this feature and formulate a plan to discontinue using the feature. SolarWinds recommends that you start using Intelligent Maps in the SolarWinds Platform Web Console to display maps of physical and logical relationships between entities monitored by the SolarWinds Platform products you have installed.
Starting with 2024.2, you can import Network Atlas maps to Intelligent Maps. See Import maps.
Legal notices
© 2026 SolarWinds Worldwide, LLC. All rights reserved.
This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.
SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.