Skip to main content

Gradient

1 CVEs product

Monthly

CVE-2026-44592 CRITICAL Act Now

Unauthenticated remote attackers can register rogue workers in Gradient CI 1.1.0 when GRADIENT_DISCOVERABLE is enabled (default configuration), gaining access to all organizational jobs and the ability to inject malicious build artifacts into shared storage. The attacker sends a fresh worker UUID to /proto endpoint, obtaining PeerAuth::Open privileges that bypass organization isolation. Vendor-released patch: version 1.1.1. CVSS 9.4 Critical with network vector and no authentication required. No active exploitation confirmed (not in CISA KEV), but EPSS data unavailable for this 2026 CVE ID.

Authentication Bypass Gradient
NVD GitHub VulDB
CVSS 3.1
9.4
EPSS
0.0%
EPSS 0% CVSS 9.4
CRITICAL Act Now

Unauthenticated remote attackers can register rogue workers in Gradient CI 1.1.0 when GRADIENT_DISCOVERABLE is enabled (default configuration), gaining access to all organizational jobs and the ability to inject malicious build artifacts into shared storage. The attacker sends a fresh worker UUID to /proto endpoint, obtaining PeerAuth::Open privileges that bypass organization isolation. Vendor-released patch: version 1.1.1. CVSS 9.4 Critical with network vector and no authentication required. No active exploitation confirmed (not in CISA KEV), but EPSS data unavailable for this 2026 CVE ID.

Authentication Bypass Gradient
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy