Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/05/15 7:57 p.m.14 views

CVE-2026-42572

Hatchet is a platform for orchestrating background tasks, AI agents, and durable workflows at scale. Prior to 0.83.39, a missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any...

6.5CVSS5.8AI score0.00181EPSS
Exploits0References1
NVD
NVD
added 2026/05/14 6:16 p.m.16 views

CVE-2026-42572

Hatchet is a platform for orchestrating background tasks, AI agents, and durable workflows at scale. Prior to 0.83.39, a missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any...

6.5CVSS0.00181EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 4:58 p.m.10 views

CVE-2026-42572

Hatchet is a platform for orchestrating background tasks, AI agents, and durable workflows at scale. Prior to 0.83.39, a missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any...

5.3CVSS5.8AI score0.00181EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/14 4:58 p.m.40 views

CVE-2026-42572 Hatchet: Cross-tenant information disclosure in `listTasksByDAGIds`

Hatchet is a platform for orchestrating background tasks, AI agents, and durable workflows at scale. Prior to 0.83.39, a missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any...

5.3CVSS0.00181EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/14 4:58 p.m.6 views

CVE-2026-42572 Hatchet: Cross-tenant information disclosure in `listTasksByDAGIds`

Hatchet is a platform for orchestrating background tasks, AI agents, and durable workflows at scale. Prior to 0.83.39, a missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any...

5.3CVSS5.8AI score0.00181EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/14 4:58 p.m.10 views

EUVD-2026-30339

Hatchet is a platform for orchestrating background tasks, AI agents, and durable workflows at scale. Prior to 0.83.39, a missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any...

5.3CVSS5.8AI score0.00181EPSS
Exploits0References1
Rows per page
Query Builder