[Release] ScyllaDB 2025.4.10

Anna · June 17, 2026, 6:35am

The ScyllaDB team is pleased to announce the release of ScyllaDB 2025.4.10, a production-ready patch release for ScyllaDB 2025.4 Feature Release.

Note there is a new Long Term Support (LTS) release 2026.1. You are welcome to upgrade to it for the latest and greatest features.

More information on ScyllaDB Version Support Policy is available here.

Bug Fixes

The following issues are fixed in this release.

Authentication

Stability of the authorization cache is improved when handling legacy “ghost” rows in the role_permissions table. Rows left with a row marker but no permissions column, which could be produced by an earlier auth migration. The cache now guards access to the permissions column and removes the affected code path, so permission cache reloads handle these rows correctly.
scylladb#29757

CQL

Reverse-order (descending) range reads could, in certain multi-version states of a partition, omit rows that should have been returned. The partition snapshot row cursor now retains the latest version’s entry when traversing in reverse, consistent with the forward path, so reverse queries return complete and correct results.
scylladb#29368
When a table has compaction disabled ('enabled': 'false'), DESCRIBE TABLE now reports the table’s configured compaction strategy instead of NullCompactionStrategy. The output is consistent with how the strategy is stored in the schema, so schema descriptions and round-trips accurately reflect the table’s configuration.
scylladb#29804
Robustness of lightweight transactions (LWT) during concurrent schema changes is improved. The prepared-statement entry referenced by the Paxos prepare path is now kept alive for the full duration of statement execution, closing a narrow timing window (for example when prepared-statement cache invalidation coincides with a node restart) that could otherwise interrupt an LWT prepare operation.
scylladb#29675
Connections authenticated with the CertificateAuthorizer now complete full connection setup during startup. This ensures the connection runs under the scheduling group mapped to the user’s service level, releases its slot in the connection-initialization semaphore, and reports READY in system.clients. The result is correct service-level scheduling and resource accounting for certificate-authenticated connections.
scylladb#29945

Materialized Views (MV)

Creation and dropping of materialized views are now fully serialized through a single shard. Previously, concurrent create and drop operations across shards could interleave and leave a stale entry in system.scylla_views_builds_in_progress. Serializing these operations keeps the view-build bookkeeping consistent.
scylladb#27929

Monitoring

Under heavy load, helper services such as node_exporter could receive insufficient CPU time, which led to Prometheus scrape timeouts and false-positive InstanceDown alerts. The scylla-helper.slice CPUWeight is raised from 10 to 100, giving helper services a larger share of CPU relative to the main ScyllaDB service so monitoring agents stay responsive even at maximum load.
scylladb#29839

Repair

Repair requests that specify identical start and end tokens are now rejected with a clear message (Start and end tokens must be different.). Previously such a request was interpreted as a wrapping range covering the entire token ring, which would unintentionally trigger a full repair. This makes the repair API behave predictably and matches Cassandra’s behavior.
scylladb#29821

Security

ScyllaDB now bounds the complexity of CQL expressions to protect against excessive resource use from overly complex queries. The CQL parser limits the nesting depth of function calls and casts, and the number of relations in a WHERE clause is now configurable through the live-updatable max_relations_in_where_claus option (default 100). These limits address CVE-2026-31947 and CVE-2026-31948.
scylladb#14472

Stability

Shutting a node down very early during startup is handled more gracefully. The compaction task-manager module is now always unregistered when the compaction manager stops, even if compaction was not yet enabled, so a fast startup-then-shutdown sequence completes cleanly.
scylladb#30015
A table that is dropped while a concurrent range scan is in progress is now handled safely. The coordinator holds a reference to the table object for the entire duration of query_partition_key_range_concurrent, so a DROP TABLE issued during a long-running scan no longer affects the in-flight query.
scylladb#29988 github.com/scylladb/scylladb/pull/29988
Node drain and shutdown are made more robust. After the messaging service is stopped during drain, in-flight write handlers waiting on responses from remote replicas — which can no longer arrive — are now cancelled, releasing the stale topology versions they hold. This prevents a shutdown stall that could otherwise occur on the topology coordinator or on other nodes. Only handlers with pending remote targets are cancelled, so local and group0 operations needed during the rest of the drain continue normally.
scylladb#29882

Storage

Partition-order validation now compares same-token partition keys using their on-disk byte order, matching how SSTables physically order them. Previously a type-aware comparison could disagree with the byte order for types such as timeuuid, producing a false-positive out-of-order partition warning; in scrub mode this could result in a same-token partition being skipped. The validator now stays consistent with the physical SSTable order.
scylladb#30120

Tablets

Lightweight transactions on tablet-based tables now consistently return tablet routing information to the client. After an internal shard bounce during a CAS (LWT/SERIAL) operation, the routing check could omit the tablets-routing-v1 payload, so the driver did not learn the updated tablet mapping. The coordinator now records the client’s original shard and compares against it, ensuring the routing payload is always included so drivers can route subsequent requests optimally.
scylladb#29910
The tablet load balancer now handles tables that are dropped while balancing is in progress. The balancer operates on a token-metadata snapshot but reads the live schema; a DROP TABLE applied between scheduling points could remove a table the balancer still expected. Dropped tables are now skipped gracefully across the sizing, resize, and constraint-checking paths, so tablet load balancing continues uninterrupted.
scylladb#29937

Topic	Replies	Views
[Release] ScyllaDB 2025.4.8 Release Notes enterprise , enterprise-release , scylladb-2025-4	30	May 21, 2026
[RELEASE] ScyllaDB 2025.2.4 Release Notes enterprise , enterprise-release , scylladb-2025-2	106	December 29, 2025
[RELEASE] ScyllaDB 2026.1.4 Release Notes enterprise , enterprise-release , scylladb-2026-1	91	May 26, 2026
[RELEASE] ScyllaDB 2025.1.4 Release Notes enterprise , enterprise-release , open-source-release , scylladb-2025-1	508	July 13, 2025
[RELEASE] ScyllaDB 2025.4.6 Release Notes enterprise , enterprise-release , scylladb-2025-4	55	April 20, 2026