Perforce ALM 2026.2 release notes

Released: June 2026

Perforce ALM 2026.2 improves reliability across components by resolving usability and stability issues. It also delivers important security updates through dependency upgrades and vulnerability fixes.

Bug fixes

All ALM areas

  • Logging in using single sign-on could fail to show projects in the Perforce ALM for Jira app.

  • Stopping the Perforce ALM Server daemon could fail on Linux.

  • Hyperlinks with unescaped space characters could be broken when viewing item details in the web client.

  • Some fields could not be selected when using a text export template in the web client.

  • The web client could crash when viewing a folder if a column for an inactive workflow event field was present.

  • Additional user information could not be shown when displaying names as "First Middle Last" in the web client.

  • Opening ttstudio hyperlinks could fail when editing item details in the web client.

  • Setting a date using bulk field changes in the web client could be off by one day when using a UTC-positive time zone.

  • Text import and export in the web client could fail to show new fields if the dialog was already open.

Perforce ALM 2026.2.0 also includes other minor bug fixes.

Security fixes

All ALM areas

  • HTML and SVG file attachments are now always downloaded instead of opening in a new browser tab when using the web client.

  • Upgraded ICU to version 78.3 to address potential vulnerabilities: CVE-2025-5222.

  • Upgraded OpenSSL to version 3.5.5 to address potential vulnerabilities: CVE-2025-15467.

  • Upgraded Node.js to version 20.20.2 to address potential vulnerabilities: CVE-2026-21637, CVE-2026-21710, CVE-2026-21713, CVE-2026-21714, CVE-2026-21715, CVE-2026-21716, CVE-2026-21717.

  • Upgraded the Jenkins integration to address potential vulnerabilities: CVE-2026-4800, CVE-2026-4867, CVE-2026-26278, CVE-2026-33036, CVE-2026-33891, CVE-2026-33894, CVE-2026-33895, CVE-2026-33896, CVE-2026-44665.

  • Upgraded the Jira integration to address potential vulnerabilities: CVE-2026-4800, CVE-2026-4867, CVE-2026-33891, CVE-2026-33894, CVE-2026-33895, CVE-2026-33896.

  • Upgraded the web client to address potential vulnerabilities: CVE-2026-4258, CVE-2026-4800, CVE-2026-26996, CVE-2026-27903, CVE-2026-27904, CVE-2026-27970, CVE-2026-33937, CVE-2026-33938, CVE-2026-33939, CVE-2026-33940, CVE-2026-33941.

  • Upgraded the REST API to address potential vulnerabilities: CVE-2025-69873, CVE-2026-2359, CVE-2026-3304, CVE-2026-3520, CVE-2026-4800, CVE-2026-4867, CVE-2026-26996, CVE-2026-27601, CVE-2026-27903, CVE-2026-27904, CVE-2026-29063, CVE-2026-33891, CVE-2026-33894, CVE-2026-33895, CVE-2026-33896.

Additional notes

  • Changed the default location for logging desktop client crash information to a location that users are more likely to have access to. If a crash occurs, the location is displayed in a dialog.

Perforce ALM License Server 2026.2.0 release notes

Perforce ALM 2026.2.0 contains a newer version of the Perforce ALM License Server (version 2026.3.0).

License server 2026.2.0 only supports Helix ALM/Perforce ALM 2020.1 and later, and Surround SCM 2020.1 and later.

Bug fixes

  • Stopping the Perforce ALM License Server daemon could fail on Linux.

  • Sorting the server log by date could fail to sort correctly.

Security fixes

  • Upgraded ICU to version 78.3 to address potential vulnerabilities: CVE-2025-5222.

  • Upgraded OpenSSL to version 3.5.5 to address potential vulnerabilities: CVE-2025-15467.

Additional notes

  • For new license server installations, the default minimum password length is now 15 characters.