PT-2026-48807
Name of the Vulnerable Software and Affected Versions Arc versions prior to 26.06.1 Description Arc registers Go net/http/pprof handlers at the /debug/pprof/ endpoint. Due to a configuration where /debug/pprof is added to PublicPrefixes and the authentication middleware short-circuits before toke...