Security Advisory

CVE-2026-3236

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-05 10:37:03

Last updated 2026-03-05 14:17:07

Assigner Octopus

State PUBLISHED

Description

In affected versions of Octopus Server it was possible to create a new API key from an existing access token resulting in the new API key having a lifetime exceeding the original API key used to mint the access token.

← Browse all CVEs View on cve.org ↗