Vulnerability Database

319,478

Total vulnerabilities in the database

CVE-2025-68609

A vulnerability in Palantir's Aries service allowed unauthenticated access to log viewing and management functionality on Apollo instances using default configuration. The defect resulted in both authentication and authorization checks being bypassed, potentially allowing any network-accessible client to view system logs and perform operations without valid credentials. No evidence of exploitation was identified during the vulnerability window.

Published: Jan 22, 2026
Updated: Jan 23, 2026
CVE: CVE-2025-68609
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.6
AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-305

Affected Software
References

No affected software listed.

https://palantir.safebase.us/?tcuUid=955a313a-1735-48a6-9fb4-e10404f14eb5

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo