---
title: "v1.15"
description: "Contains release notes of Nirmata Enterprise for Kyverno v1.15"
diataxis: reference
applies_to:
  product: "nirmata-control-hub"
audience: ["platform-engineer"]
last_updated: 2026-03-25
url: https://docs.nirmata.io/docs/release-notes/n4k/v1.15/
---


The latest version of the 1.15 release of Enterprise Kyverno is **v1.15.2-n4k.nirmata.1**.

For a complete list of changes, refer to the upstream Changelog.

- [v1.15.0](https://github.com/kyverno/kyverno/releases/tag/v1.15.0)
- [v1.15.1](https://github.com/kyverno/kyverno/releases/tag/v1.15.1)
- [v1.15.2](https://github.com/kyverno/kyverno/releases/tag/v1.15.2)

## v1.15.2-n4k.nirmata.1
**Bug Fixes**
- Backport a bug fix for custom messages in pod controllers ([PR #13952](https://github.com/kyverno/kyverno/pull/13952)).

## v1.15.1-n4k.nirmata.1

**New Policy Types**
- MutatingAdmissionPolicy (MPOL) with admission flow integration, background reporting, mutate existing resources, and CLI support
- GeneratingPolicy (GPOL) with admission flow integration, background reporting, generate existing resources, and CLI support
- DeletingPolicy (DPOL) with in-cluster and off-cluster cleanup capabilities via CLI operations

**OpenReports Integration (Alpha)**
- Switched policy reports to OpenReports implementation

**CLI Enhancements**
- Multiple output formats (JSON, YAML, Markdown, JUnit) for test command
- Added `--cluster-wide-resources` flag to apply command
- Added `skipColor` flag for CLI output
- Support for cloning from private repositories in apply command
- Fixed YAML separator support in LoadTest with proper error handling

### Changes
- ValidatingAdmissionPolicy generation enabled by default
- Renamed CEL operator `image()` to `parseImageReference`
- Removed deprecated CLI APIs
- Improved ValidatingAdmissionPolicy performance

### Bug Fixes
- Fixed CVE-2025-47907 security vulnerability
- Fixed JSON logging format issues
- Fixed panic when resolving kinds fails for CEL-based policies
- Fixed GlobalContextEntry refresh interval updates
- Fixed reports controller wildcard resource matching
- Fixed shallow variable escaping during validation
- Updated OpenReports module references

### Helm Chart Updates
- Added MutatingAdmissionPolicy and ValidatingAdmissionPolicy CRDs
- Enhanced ServiceMonitor annotations support
- Added PodDisruptionBudget configuration options
- Service account token automount configuration
- Support for Kubernetes 1.31+ traffic distribution

### Dependencies
- Bumped Kubernetes dependencies to v1.33
- Updated security and tooling dependencies