This release adds wildcard and IPv6 support to the proxy exclusion list and support for the new scanner update filename format, as well as a security fix.
Use wildcard and IPv6 entries in the proxy exclusion list
The external proxy exclusion list now accepts leading-wildcard entries, such as *.example.com, so that you can bypass the proxy for every subdomain of a domain with a single entry. The list also accepts IPv4 and IPv6 addresses. Entries are matched against the host rather than its resolved IP address.
Improved AI resource usage
Viewing scan results now uses fewer resources when AI features are enabled, improving performance.
Bug fixes
We've fixed a bug whereby uploading a client TLS certificate that wasn't a valid PKCS#12 file would fail silently. The scan configuration now rejects the file with a specific error message when you save. Oversized files are also rejected before upload, so the browser tab no longer crashes.
Security fixes
We have fixed several critical security issues related to third-party components used by Burp Suite DAST, including the bundled browser. We recommend updating to this release.