CVE-2026-3236 | Octopus Deploy Octopus Server up to 2025.3.14760/2025.4.10408 New API Key authorization

Inserito da Angelo Barbosa | Mar 5, 2026 | CVE

A vulnerability classified as critical has been found in Octopus Deploy Octopus Server up to 2025.3.14760/2025.4.10408. Affected by this vulnerability is an unknown functionality of the component New API Key Handler. Performing a manipulation results in incorrect authorization.

This vulnerability was named CVE-2026-3236. The attack may be initiated remotely. There is no available exploit.

It is recommended to upgrade the affected component.

CVE-2026-3236 | Octopus Deploy Octopus Server up to 2025.3.14760/2025.4.10408 New API Key authorization

Post correlati

CVE-2023-21165 | Google Android devicemem_server.c DevmemtUnmapPMR use after free

CVE-2025-53004 | DataEase up to 2.10.10 sslfactory/sslfactoryarg improper authentication

CVE-2024-3869 | ivole Customer Reviews for WooCommerce Plugin up to 5.46.0 on WordPress woocommerce_json_search_coupons authorization

CVE-2023-32194 | Rancher API privileges management