4 matches found
EUVD-2026-9817
In affected versions of Octopus Server it was possible to create a new API key from an existing access token resulting in the new API key having a lifetime exceeding the original API key used to mint the access token...
CVE-2026-3236
CVE-2026-3236 affects Octopus Server: a vulnerability that allows creating a new API key from an existing access token, resulting in the new key having a longer lifetime than the original. The vulnerability involves API-key minting (noted in the /api/v1/api-keys flow in PT Security’s detailed wri...
CVE-2026-3236
In affected versions of Octopus Server it was possible to create a new API key from an existing access token resulting in the new API key having a lifetime exceeding the original API key used to mint the access token...
PT-2026-23446
Name of the Vulnerable Software and Affected Versions Octopus Server affected versions not specified Description An issue existed in Octopus Server where a new API key could be created from an existing access token. This allowed the new API key to have a longer lifetime than the original access...