Description

A vulnerability in Palantir's Aries service allowed unauthenticated access to log viewing and management functionality on Apollo instances using default configuration. The defect resulted in both authentication and authorization checks being bypassed, potentially allowing any network-accessible client to view system logs and perform operations without valid credentials. No evidence of exploitation was identified during the vulnerability window.

INFO

Published Date :

2026-01-22T19:06:05.914Z

Last Modified :

2026-01-22T19:33:36.287Z

Source :

Palantir
AFFECTED PRODUCTS

The following products are affected by CVE-2025-68609 vulnerability.

Vendors Products
Palantir
  • Aries
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-68609.

URL Resource
https://palantir.safebase.us/?tcuUid=955a313a-1735-48a6-9fb4-e10404f14eb5 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact