Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/05/15 7:57 p.m.14 views

CVE-2026-42572

Hatchet is a platform for orchestrating background tasks, AI agents, and durable workflows at scale. Prior to 0.83.39, a missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any...

6.5CVSS5.8AI score0.00181EPSS
Exploits0References1
NVD
NVD
added 2026/05/14 6:16 p.m.16 views

CVE-2026-42572

Hatchet is a platform for orchestrating background tasks, AI agents, and durable workflows at scale. Prior to 0.83.39, a missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any...

6.5CVSS0.00181EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 4:58 p.m.10 views

CVE-2026-42572

Hatchet is a platform for orchestrating background tasks, AI agents, and durable workflows at scale. Prior to 0.83.39, a missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any...

5.3CVSS5.8AI score0.00181EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/14 4:58 p.m.40 views

CVE-2026-42572 Hatchet: Cross-tenant information disclosure in `listTasksByDAGIds`

Hatchet is a platform for orchestrating background tasks, AI agents, and durable workflows at scale. Prior to 0.83.39, a missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any...

5.3CVSS0.00181EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/14 4:58 p.m.6 views

CVE-2026-42572 Hatchet: Cross-tenant information disclosure in `listTasksByDAGIds`

Hatchet is a platform for orchestrating background tasks, AI agents, and durable workflows at scale. Prior to 0.83.39, a missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any...

5.3CVSS5.8AI score0.00181EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/14 4:58 p.m.10 views

EUVD-2026-30339

Hatchet is a platform for orchestrating background tasks, AI agents, and durable workflows at scale. Prior to 0.83.39, a missing authorization directive on the GET /api/v1/stable/dags/tasks endpoint caused Hatchet's tenant-membership check to be skipped for this route. A user authenticated to any...

5.3CVSS5.8AI score0.00181EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.15 views

hatchet 安全漏洞

Hatchet is an open-source backend task and AI workflow orchestration engine developed by Hatchet. Versions of Hatchet prior to 0.83.39 contained security vulnerabilities. These vulnerabilities stemmed from the lack of authorization instructions for the GET /api/v1/stable/dags/tasks endpoint,...

6.5CVSS5.8AI score0.00181EPSS
Exploits0References2
Rows per page
Query Builder