What is GHSA-hw3f-962q-p4vj?

GHSA-hw3f-962q-p4vj is a security advisory published by GitHub Security Advisories with Medium severity. In affected versions of Octopus Server, permissions were not checked correctly resulting in any...

Which CVE IDs does GHSA-hw3f-962q-p4vj cover?

GHSA-hw3f-962q-p4vj covers the following CVE IDs: CVE-2026-4881. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

GHSA-hw3f-962q-p4vjMedium

In affected versions of Octopus Server, permissions were not checked correctly resulting in any...

Vendor

GitHub Security Advisories

Published

June 4, 2026

Last Modified

June 4, 2026

🔗 CVE IDs covered (1)

CVE-2026-4881 →

📋 Description

In affected versions of Octopus Server, permissions were not checked correctly resulting in any authenticated user being able to make server level changes using a certain API endpoint despite receiving an error.

🔗 References (3)

https://nvd.nist.gov/vuln/detail/CVE-2026-4881
https://advisories.octopus.com/post/2026/sa2026-04
https://github.com/advisories/GHSA-hw3f-962q-p4vj