Lucene search
K

6 matches found

NVD
NVD
added 6 days ago8 views

CVE-2026-35210

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 7.260326.0, an authorization bypass vulnerability in OpenCTI allows any authenticated user with KNOWLEDGEKNUPDATE permission to bypass Confidence Level validation and Object Marking...

7.1CVSS0.00269EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/13 10:53 p.m.7 views

CVE-2025-62487

On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-end app were not being marked correctly with the proper security levels. The regression was traced back to a change in May 2025, which was meant to allow file uploads to be shared among different artifacts e.g...

3.5CVSS6.7AI score0.00196EPSS
Exploits0References1
NVD
NVD
added 2026/01/09 10:16 p.m.5 views

CVE-2025-62487

On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-end app were not being marked correctly with the proper security levels. The regression was traced back to a change in May 2025, which was meant to allow file uploads to be shared among different artifacts e.g...

3.5CVSS0.00196EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/09 9:17 p.m.5 views

CVE-2025-62487 Under certain configurations, file artifacts uploaded to the Dossier and Slides apps did not inherit security markings of their parent artifact. This lack of security markings could lead to unintended access to the uploaded files.

On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-end app were not being marked correctly with the proper security levels. The regression was traced back to a change in May 2025, which was meant to allow file uploads to be shared among different artifacts e.g...

3.5CVSS6.4AI score0.00196EPSS
Exploits0References1
CVE
CVE
added 2026/01/09 9:17 p.m.12 views

CVE-2025-62487

CVE-2025-62487 affects Palantir Dossier and Slides apps (Dossier front-end). Root cause: a May 2025 change intended to enable cross-artifact file sharing caused uploads to not be properly marked with security levels. In CBAC-enabled deployments, a security picker dialog lets users set the level, ...

3.5CVSS6.4AI score0.00196EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/09 9:17 p.m.23 views

CVE-2025-62487 Under certain configurations, file artifacts uploaded to the Dossier and Slides apps did not inherit security markings of their parent artifact. This lack of security markings could lead to unintended access to the uploaded files.

On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-end app were not being marked correctly with the proper security levels. The regression was traced back to a change in May 2025, which was meant to allow file uploads to be shared among different artifacts e.g...

3.5CVSS0.00196EPSS
Exploits0References1
Rows per page
Query Builder