EUVD-2026-9817

In affected versions of Octopus Server it was possible to create a new API key from an existing access token resulting in the new API key having a lifetime exceeding the original API key used to mint the access token...

CVE-2026-3236

CVE-2026-3236 affects Octopus Server in affected versions where an attacker can create a new API key from an existing access token, resulting in a new API key with a lifetime longer than the original token. According to the advisory, this yields a low-severity, network-exploitable issue with low ...

CVE-2026-3236

In affected versions of Octopus Server it was possible to create a new API key from an existing access token resulting in the new API key having a lifetime exceeding the original API key used to mint the access token...

PT-2026-23446

Name of the Vulnerable Software and Affected Versions Octopus Server affected versions not specified Description An issue existed in Octopus Server where a new API key could be created from an existing access token. This allowed the new API key to have a longer lifetime than the original access...