JFrog ML Release Notes 2026

Updates about the latest features and enhancements in JFrog ML

Welcome to the JFrog ML Release Notes. Below you will find the details of the latest releases.

Latest Release: H1 2026 (January–June)

Features

Agent Guard

  • Agent Guard rebranding: Rebranded from MCP Gateway with new decoupled architecture — tool isolation prevents cascading failures, and security policy updates apply without downtime. The legacy npx @jfrog/mcp-gateway command continues to work; use npx @jfrog/agent-guard for new deployments.

MCP Catalog and Governance

  • MCP Catalog discovery: Searchable, filterable catalog UI with full-text search by name, category filters (npm, Python, Docker), and dedicated server-detail pages showing metadata and security status.
  • Per-tool MCP governance: Admins can now selectively enable or block individual MCP tools (such as delete_file or execute_query) before developers use them in their IDE.
  • Project-scoped MCP Gateway setup: Installation scripts for Bash and PowerShell are now pre-populated with your project context, eliminating manual configuration.
  • Curation policy integration for MCPs: MCP entries now display vulnerability scan results, dependency information, licenses, and approval status from JFrog Curation policies.

AI Catalog and Registry

  • Model governance visibility: Model page now displays approval status (Blocked, Approved, Waiver Pending) and a Policies tab explaining why a model is restricted and which rules apply.
  • Model Group-scoped Registry: Allowed Assets table and counters are now filtered by your assigned Model Groups — you see only resources relevant to your work.
  • Clearer governance error messages: Allow and Restrict actions on models and MCP servers now provide specific, actionable error messages instead of generic failures.

NVIDIA NIM Integration

  • NVIDIA NIM models in AI Catalog: NIM models now appear as searchable catalog entries with human-readable names (for example, Llama-3-8B-Instruct) and filters for Model Type, Tasks, Framework, and Licensing.
  • NIM governance: NIM execution engines and model weights are now governed through a secure allow-list. Developers see clear approval status and ready-to-use deployment instructions.

Self-Hosted Deployment

  • Self-Hosted JFrog ML on AWS and GCP: JFrog ML is now production-ready for self-managed cluster deployments on both cloud platforms.
  • Streaming feature sets on Self-Hosted: The Streaming Execution Manager now supports streaming and streaming-aggregation feature sets in Self-Hosted environments alongside SaaS.

Overview Page and Runtime

  • AI ecosystem Overview page: New Overview page bridges detection telemetry with curated registry assets, highlighting coverage gaps across your AI infrastructure in a single executive view.
  • Runtime usage visibility: New graph on the Overview page shows total calls to custom model deployments, package models, and external endpoints, with filters by project and time range.
  • Automatic GenAI model undeploy: Deployed GenAI models are now automatically undeployed under configurable conditions, reducing stale workloads and resource consumption.

Fixes

Models management and deployment

  • Fixed image pull secret updates that caused active model deployments to fail.
  • Fixed model deletion failures and undeploy flow issues including orphaned tokens.
  • Fixed Model Deployment Manager configuration for Hugging Face remote repository writes.
  • Fixed Custom Models missing from the allowed list.
  • Fixed duplicate-project blocking in the Manage Model workflow.
  • Fixed model identifiers for open-source model deployments.
  • Fixed the "Fixed Replicas" toggle disabling open-source deployment.
  • Fixed Deploy button incorrectly disabled in zero-environment state.
  • Fixed "Use Model" script identifiers for Hugging Face models.

MCP and Agent Guard

  • Fixed Custom MCP tool blocking failures.
  • Fixed Agent Guard prompts for custom MCP header authentication.
  • Fixed MCP environment variable handling for required, optional, and custom inputs.
  • Fixed MCP blocking inside Cursor.
  • Fixed MCP Servers list filtering in the AI Catalog.
  • Fixed Package Catalog empty-response errors when querying by name and type.
  • Fixed missing entitlement checks on the MCP Registry.

AI Catalog and governance

  • Fixed model restriction returning unauthenticated errors.
  • Fixed AI/ML routes remaining accessible when the jfrog_ml entitlement is disabled.
  • Security fix: The backend now requires explicit verification before approving models or MCP servers flagged as malicious.
  • Fixed Connections page inconsistencies.
  • Fixed timeout errors when allowing an MCP in a project.
  • Fixed Discovery page text search when filtering for Allowed models.
  • Fixed external model code snippets in the AI Catalog.
  • Fixed broken package redirect on model cards.
  • Fixed OpenAI base URL in cURL code snippets for package models.
  • Fixed NIM remote model URLs in "Use Model" code snippets.
  • Fixed broken link to admin repositories.
  • Fixed RBAC issue in the Allow Model and Allow MCP workflows.

Hugging Face integration

  • Fixed Hugging Face remote repository keys not persisting to Model Group settings.

Feature store and batch

  • Fixed missing cron-expression validation in the feature manager.
  • Fixed critical backfill issue that could delete entire feature sets.
  • Fixed feature-set serving permission errors and feature-set discovery issues.

Platform and infrastructure

  • Fixed streaming models not reporting metrics correctly in hybrid environments.
  • Fixed Secret Service configuration for RBAC checks.
  • Fixed Model Repository Scope creation requiring full Project Admin instead of Project membership.
  • Fixed External Model view scroll issue.
  • Fixed Get Model Group Secret operation failures.