CVE-2025-68609

Name of the Vulnerable Software and Affected Versions Palantir Apollo Aries Service (affected versions not specified)

Description A flaw exists in Palantir's Aries service that permitted unauthenticated access to log viewing and management features on Apollo instances when using the default configuration. This bypasses authentication and authorization checks, potentially enabling any network-accessible client to view system logs and perform operations without proper credentials. There is no indication that this issue was exploited. The affected functionality involves accessing logs and managing them.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.