Turbo Scan 25.9.87

The September 2025 update to Turbo Scan includes the following improvements:

• Added file clustering service that groups file components into canonical products before CVE matching, reducing false positives where individual files within an installation have different versions than the overall product version
• PE files are now classified as File type instead of Application/Library for better semantic accuracy
• Added SHA-256 hash computation for file components (Hashes property)
• Added certificate thumbprint extraction from digital signatures (turbo:signature[filename]:thumbprint custom property)
• Updated CVE database snapshot as of 2025-09-26

This update includes fixes for the following issues:

• Java version processing not correctly parsing legacy formats (e.g., 1.8.0 u401) and treating updates as exact versions instead of version ranges
• Version range merging bug that incorrectly combined disjoint version ranges, causing false positives
• Redistributable detection did not consider virtual folders (ex. @programfiles@)