Skip to main content

Prefect CVE-2026-7724

| EUVDEUVD-2026-26879 LOW
Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)
2026-05-04 VulDB
1.3
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
1.3 LOW
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

9
PoC Detected
May 04, 2026 - 15:18 vuln.today
Public exploit code
Source Code Evidence Fetched
May 04, 2026 - 03:30 vuln.today
Analysis Generated
May 04, 2026 - 03:30 vuln.today
Severity Changed
May 04, 2026 - 03:22 NVD
MEDIUM LOW
CVSS changed
May 04, 2026 - 03:22 NVD
5.0 (MEDIUM) 1.3 (LOW)
EUVD ID Assigned
May 04, 2026 - 03:00 euvd
EUVD-2026-26879
Analysis Generated
May 04, 2026 - 03:00 vuln.today
Patch released
May 04, 2026 - 03:00 nvd
Patch available
CVE Published
May 04, 2026 - 02:45 nvd
LOW 1.3

DescriptionCVE.org

A vulnerability has been found in PrefectHQ prefect up to 3.6.28.dev1. Affected by this vulnerability is the function validate_restricted_url of the component Webhook/Notification. The manipulation leads to time-of-check time-of-use. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 3.6.28.dev2 addresses this issue. The identifier of the patch is 7c70ac54a5e101431d83b9f2681ec88d5e0021ed. Upgrading the affected component is advised.

AnalysisAI

Time-of-check time-of-use (TOCTOU) vulnerability in Prefect's validate_restricted_url function allows remote attackers with low privileges to bypass Server-Side Request Forgery (SSRF) protections via DNS rebinding attacks during webhook and notification delivery. Publicly available exploit code exists. The vulnerability affects Prefect versions up to 3.6.28.dev1 and is fixed in 3.6.28.dev2.

Technical ContextAI

The vulnerability exists in the webhook and notification components' URL validation logic (CWE-367: Improper Synchronization). The validate_restricted_url function performs initial DNS resolution and IP validation to prevent SSRF attacks targeting private addresses, but this validation occurs before the actual HTTP connection is established. An attacker can exploit the time gap between validation and connection by performing DNS rebinding: the hostname initially resolves to a public IP (passing validation), then resolves to a private IP (like 127.0.0.1 or 10.0.0.0/8) when the HTTP client actually establishes the connection. The fix implements SSRFProtectedAsyncHTTPTransport and SSRFProtectedHTTPTransport that re-validate the resolved IP at connection time and pin the connection to the pre-resolved address, eliminating the TOCTOU window. The patch also upgrades from socket.gethostbyname (which returns only the first A record) to socket.getaddrinfo (which validates all resolved addresses), closing an additional bypass where a hostname publishes both public and private records.

RemediationAI

Upgrade to Prefect version 3.6.28.dev2 or later, which includes the fix identified by commit 7c70ac54a5e101431d83b9f2681ec88d5e0021ed and released at https://github.com/PrefectHQ/prefect/releases/tag/3.6.28.dev2. The patch replaces simple DNS validation with SSRF-protected HTTP transports that re-validate resolved IPs at connection time and enforce IP pinning. No workarounds are available short of upgrading, as the vulnerability is structural to the validation-before-connection pattern. Organizations unable to upgrade immediately should restrict webhook and notification destinations to allowlisted fully-qualified domain names (FQDNs) that resolve only to public IP addresses, disable dynamic DNS for notification targets, and implement network segmentation to prevent HTTP clients from reaching internal services-these controls mitigate but do not eliminate the risk, as DNS rebinding can still occur within the allowed set.

Share

CVE-2026-7724 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy