Skip to content
All releases Release 96.1

Factor Platform, performance improvements and new features in Kpow and Flex

Factor House·June 5, 2026

Downloads

Artifacts published with release 96.1.

Kpow can be found on Dockerhub

View our Docker quick start guide for help getting started.

Data Lineage

Factor Platform captures OpenLineage metadata across your connected source systems (such as Kafka, Flink, and Iceberg) to provide a clear view of data-flow and dependencies within your environment.

In this release, we introduce support for using a Schema Registry as a source of data lineage metadata.

__wf_reserved_inherit
Dataset Schema

Factor Platform can map annotated schema metadata to OpenLineage Dataset facets.

Mappings are specified per schema type (e.g. Avro or JSON Schema) at the Schema Registry level and can be defined through the UI via a wizard, or through the API.

__wf_reserved_inherit
Dataset Info

Once configured, Factor Platform will evaluate schema lineage metadata every minute, allowing you to:

  • View an OpenLineage-conforming Dataset describing the metadata from each schema.
  • Report on dataset quality issues such as malformed or null mappings and missing fields.
  • Filter and search by lineage metadata (ownership, tags, etc) in the Factor Platform UI
__wf_reserved_inherit
Dataset Schema

See our Factor Platform documentation for more information on configuring a Kafka Schema registry as a source of data lineage metadata.

Clone to Topic

Kpow users can now reproduce messages from one topic to another without the option of modifying the message payload.

__wf_reserved_inherit
Cone to topic

Performance updates

JVM 25 baseline and Jetty 12.1

In this release, we update the networking framework that underpins Factor House products to Jetty 12.1, we also advance the base image of our Docker container to Amazon Corretto 25, moving program execution to JVM 25.

These changes allow us to address all outstanding CVE, meaning that at the point of releasing 96.1 there are zero known CVE in any Factor House product. These changes also bring performance improvements, and in our benchmarking we have found a general reduction in Heap and CPU consumption with this change of 25%-30% across different workloads.

We are also pleased that in the completion of this work we identified and resolved an OOM issue that could impact Kpow instances that are serving a high number of concurrent users.

We continue to support Java 8, 11, 17, 21, and 25 JAR builds for each product release.

Changelog

  • Update to JVM 25 and Jetty 12.1
  • Introduce data lineage derived from schema registry metadata
  • Introduce new 'Clone to topic' function for message replay without modification
  • Introduce wildcard '*' action for RBAC policies
  • Introduce SNAPSHOT_CONFIG_PERIOD_MS to provide configurable config period
  • Introduce JETTY_SECURE_COOKIE flag to require secure cookies when ssl terminated at proxy
  • Improve UI behavior and performance with large datasets and long field-names
  • Improve broker and topic filtering when viewing consumer groups
  • Improve tenant materialization performance
  • Fix empty consumer count by removing simple consumers from the empty consumer total
  • Fix simple consumer topic summary information
  • Fix OpenID Connect authentication error when presented with an overage claim
  • Fix sort-by columns for consumer topic, host, and broker views
  • Fix potential OOM when supporting a high number of concurrent users
  • Fix simple consumer offset-reset function

CVE Resolved

  • CRITICAL CVE-2026-4140 org.apache.mina:mina-core
  • CRITICAL CVE-2026-4163 org.apache.mina:mina-core
  • CRITICAL CVE-2026-4277 org.apache.mina:mina-core
  • CRITICAL CVE-2026-4277 org.apache.mina:mina-core
  • CRITICAL CVE-2026-4202 org.apache.opennlp:opennlp-tools
  • CRITICAL CVE-2026-4068 org.apache.opennlp:opennlp-tools
  • HIGH CVE-2026-4258 io.netty:netty-codec
  • HIGH CVE-2026-4257 io.netty:netty-codec-dns
  • HIGH CVE-2026-4258 io.netty:netty-codec-http
  • HIGH CVE-2026-4258 io.netty:netty-codec-http
  • HIGH CVE-2026-4258 io.netty:netty-codec-http2
  • HIGH CVE-2026-34480 org.apache.logging.log4j
  • HIGH CVE-2026-34478 org.apache.logging.log4j
  • HIGH CVE-2026-4244 org.apache.opennlp:opennlp-tools
  • HIGH CVE-2026-233 org.eclipse.jetty:jetty-http
  • MEDIUM CVE-2026-4258 io.netty:netty-codec-http
  • MEDIUM CVE-2026-4258 io.netty:netty-codec-http
  • MEDIUM CVE-2026-4258 io.netty:netty-codec-http
  • MEDIUM CVE-2026-4141 io.netty:netty-codec-http
  • MEDIUM CVE-2026-686 io.vertx:vertx-core
  • MEDIUM CVE-2026-3447 org.apache.logging.log4j:log4j-1.2-api
  • MEDIUM CVE-2026-3447 org.apache.logging.log4j:log4j-core
  • MEDIUM CVE-2026-3447 org.apache.logging.log4j:log4j-core
  • MEDIUM CVE-2026-3448 org.apache.logging.log4j:log4j-core
  • MEDIUM CVE-2024-676 org.eclipse.jetty:jetty-http
  • LOW CVE-2026-4257 io.netty:netty-handler-proxy
  • LOW CVE-2025-1114 org.eclipse.jetty:jetty-http