Skip to main content

Mondoo 8.9 is out!

ยท 3 min read
Mondoo Core Team

๐Ÿฅณ Mondoo 8.9 is out! This release includes expanded EOL/CVE data, expanded asset inventory capabilities, and more!โ€‹

Get this release: Installation Docs | Package Downloads | Docker Container


Alpine 3.17 and Ubuntu 23.04 CVE dataโ€‹

In addition to EOL information, Mondoo now reports CVEs in Alpine 3.17 and Ubuntu 23.04 packages. Container image and Kubernetes cluster scans now automatically expose CVEs in your images.

Asset inventory data out of the boxโ€‹

When you create a new space, all Mondoo query packs are enabled by default so you can dive right into the asset resource explorer without needing to first enable query packs. This extends out-of-the-box asset inventory data to:

  • Windows
  • macOS
  • AWS
  • Azure
  • GCP

Dive into queries more easilyโ€‹

Sometimes it was difficult to view or share information on queries in policies. To make diving into policies and sharing those findings easier, we've given queries their own pages. View everything you need to know on a single page and share those findings with a URL that goes right to the query.

Query Page


Improved UI performanceโ€‹

Everyone loves a snappy UI, so we've worked behind the scenes to make sure space and asset pages load as quickly as possible. In some cases pages will load 10x faster than last week.

Updated VMware Photon EOL dataโ€‹

On May 2, VMware announced the Photon 5.0 release and at the same time clarified the EOL dates for Photon 3.0 and 4.0. Mondoo now includes this updated EOL data along with support for detecting Photon 5.0.

Updated query packs and compliance policiesโ€‹

  • All Kubernetes query packs have been merged into a single pack that's simpler to enable and applies automatically to all assets in your clusters.
  • The VMware vCenter Incident Response Pack now fetches the state of all services on ESXi hosts, not just those that are running.
  • The CIS Google Kubernetes Engine (GKE) Benchmark and CIS Google Cloud Platform Foundation Benchmark policies now fail with an impact score of 95 if a default service account is used on a GKE cluster.
  • The Amazon Web Services (AWS) Best Practices for NIST 800 171 policy now includes impact scores, descriptions, and remediation steps for all queries.
  • Update the CIS Ensure loopback traffic is configured query to also check that firewall packages are installed.
  • Update the CIS Ensure default deny firewall policy and Ensure password reuse is limited queries for SLES hosts.
  • Fix false positives in the CIS Ensure default deny firewall policy query when using nftables.


  • Fix a panic when running cnspec bundle lint. Thanks for reporting this, @kmf!
  • Improve the wording of the prompt to send the scan reports to Mondoo's reporting service.
  • Fix failures fetching more than 100 repositories in the GitHub provider.
  • Fix failures scanning vSphere switches if there are no defined uplinks.
  • Fix failures in the JSON output formatter if the asset could not be scanned.
  • Update more error messages from the legacy transport wording to the correct provider wording.
  • Fix failures querying data from the aws.cloudtrail resource.
  • Optimize the AWS integration Lambda functions to consume fewer API calls.
  • Fix queries on assets not showing as disabled or ignored.
  • Update the checks count on the assets page to reflect the actual number of enabled checks, not just those available to run.