Palantir

Products by Palantir, sorted by most security vulnerabilities since 2018

Palantir Gotham: 6 vulnerabilities

By the Year

In 2026 there have so far been 2 vulnerabilities published for Palantir products, with an average CVSS base score of 5.05 out of 10. In 2025 Palantir had 4 security vulnerabilities published. At the current rate, this year's count may end up matching last year's. The 2025 average base score was 1.83 points higher than this year's (6.88 against 5.05).

Year  Vulnerabilities  Average CVSS base score
2026  2                5.05
2025  4                6.88
2024  1                6.50
2023  27               5.85
2022  5                7.00

It may take a day or so for new Palantir vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Palantir Security Vulnerabilities

Each entry gives the CVE identifier and publication date, the vulnerability title and description, and the affected products as tagged by the site.
CVE-2025-68609 Jan 22, 2026
Palantir Aries: Unauth Log View/Manage Bypass via Default Config
A vulnerability in Palantir's Aries service allowed unauthenticated access to log viewing and management functionality on Apollo instances using the default configuration. Both the authentication and the authorization check were bypassed, so any network-accessible client could potentially view system logs and perform log-management operations without valid credentials. No evidence of exploitation was identified during the vulnerability window.
CVE-2025-62487 Jan 09, 2026
Palantir Dossier Image Upload Security Level Misassignment in CBAC-Disabled Deployments
On October 1, 2025, Palantir discovered that images uploaded through the Dossier front-end app were not being marked with the proper security levels. The regression was traced to a change in May 2025 that was meant to allow file uploads to be shared among different artifacts (e.g. other dossiers and presentations). On deployments configured with CBAC, the front-end presents a security picker dialog to set the security level on the uploads, which mitigates the issue. On deployments without a CBAC configuration, no security picker dialog appears, and the upload receives a security level of CUSTOM with no markings or datasets selected. The resulting markings and groups on the uploaded file are therefore only those added by the default authorization rules defined in the Auth Chooser configuration; on most environments the default authorization rules are expected to add only the Everyone group.
Products: Gotham
CVE-2023-30971 Dec 19, 2025
Gotham Gaia unauthenticated endpoint exposure
The Gotham Gaia application was found to expose multiple unauthenticated endpoints.
CVE-2024-49587 Dec 19, 2025
Unauthenticated Glutton V1 endpoints on Gotham stacks
Glutton V1 service endpoints were exposed without any authentication on Gotham stacks. This could have allowed users without any permission to call the Glutton backend directly and read, update or delete data. The affected service has been patched and automatically deployed to all Apollo-managed Gotham instances.
Products: Gotham
CVE-2025-53710 Dec 18, 2025
Foundry Container Service: Pod Misconfig Enables Local Command Exec
Due to a product misconfiguration in certain deployment types, pods in the same namespace were able to communicate with each other. Combined with a vulnerable endpoint in Foundry Container Service that executed user-controlled commands locally, this resulted in an access control bypass.
CVE-2025-64400 Dec 18, 2025
Control Panel API Pre-Register User Without Org Check
Control Panel provides an API for pre-registering a user into an enrollment and organization before that user's first login. The user-creation API checks that the requesting account has `edit` on the enrollment-level user directory, but was missing a separate check that the enrollment editor has access to (or belongs to) the organization the user is being added to.
CVE-2023-30970 Jan 29, 2024
Gotham Table Service Path Traversal - Authenticated File Read
The Gotham Table service and Forward App were found to be vulnerable to a path traversal issue allowing an authenticated user to read arbitrary files on the file system.
Products: Gotham Blackbird Witchcraft, Gotham Static Assets Servlet
CVE-2023-30954 Nov 15, 2023
Race Condition in Gotham Video-Application-Server Prevents ACL Application
The Gotham video-application-server service contained a race condition that caused it not to apply certain ACLs to new videos if the source system had not yet initialized.
Products: Video Application Server
CVE-2023-30969 Oct 26, 2023
API Auth Bypass in Palantir Tiles1 Service
The Palantir Tiles1 service was found to be vulnerable to an API-wide issue: the service was not performing authentication/authorization on all of its endpoints.
Products: Tiles
CVE-2023-30967 Oct 26, 2023
Gotham OrbitalSimulator <0.692.0 Path Traversal Vulnerability
The Gotham Orbital-Simulator service prior to 0.692.0 was found to be vulnerable to a path traversal issue allowing an unauthenticated user to read arbitrary files on the file system.
Products: Orbital Simulator
CVE-2023-30961 Sep 27, 2023
Palantir Gotham Frontend Classification Bug
Palantir Gotham was found to be vulnerable to a bug where, under certain circumstances, the frontend could apply an incorrect classification to a newly created property or link.
Products: Titanium Browser App Bundle, Gotham Fe Bundle, Gotham, and others
CVE-2023-30959 Sep 27, 2023
Apollo XSS via JS URI in Change Request Comments
In Apollo change requests, comments added by users could contain a javascript: URI link which, when rendered, results in an XSS that requires user interaction.
Products: Apollo Autopilot
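The defence against the javascript: URI class of XSS described in the Apollo entry above is a scheme policy on user-supplied link targets. The following is an added example written for this page, not Apollo's code; the allowed-scheme set and the sample hrefs are assumptions. It follows the WHATWG URL parser's pre-processing (strip leading/trailing C0 controls and spaces, remove every tab, LF and CR) before reading the scheme, so the obfuscations that defeat a naive prefix test are still caught.

```java
import java.util.Locale;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/**
 * Added example (not Apollo code): decide whether a user-supplied link target in a
 * comment may be rendered as a clickable href.
 */
public class LinkSchemePolicy {
    // Assumption: only these schemes are meaningful for links inside comments.
    static final Set<String> ALLOWED_SCHEMES = Set.of("http", "https", "mailto");

    // RFC 3986 scheme: ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) followed by ":"
    private static final Pattern SCHEME = Pattern.compile("^([A-Za-z][A-Za-z0-9+.\\-]*):");

    /**
     * @param raw the href value after HTML entity decoding; run the check on the value
     *            that will actually be written into the attribute, not on its escaped form
     */
    static boolean isRenderableHref(String raw) {
        if (raw == null) return false;
        // Browsers strip leading/trailing C0 controls and spaces, then remove every tab,
        // LF and CR anywhere in the input, before they look for the scheme. Do the same,
        // otherwise "java\tscript:alert(1)" passes a startsWith("javascript:") test yet executes.
        String s = raw.replaceAll("^[\\x00-\\x20]+|[\\x00-\\x20]+$", "")
                      .replaceAll("[\\t\\n\\r]", "");
        Matcher m = SCHEME.matcher(s);
        if (!m.find()) {
            // No scheme: a relative reference resolved against our own origin. "//host/path"
            // is protocol-relative and still leaves the site (a phishing rather than script
            // concern), so reject that form as well.
            return !s.startsWith("//");
        }
        return ALLOWED_SCHEMES.contains(m.group(1).toLowerCase(Locale.ROOT));
    }

    public static void main(String[] args) {
        // Constructed samples, including the obfuscated forms a prefix check misses.
        String[] samples = {
            "https://example.com/docs",
            "/issues/42",
            "mailto:security@example.com",
            "javascript:alert(document.cookie)",
            "JaVaScRiPt:alert(1)",
            " \tjava\nscript:alert(1)",
            "data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==",
            "//attacker.example/login",
        };
        for (String s : samples) {
            String shown = s.replace("\n", "\\n").replace("\t", "\\t");
            System.out.printf("%-60s -> %s%n", shown, isRenderableHref(s) ? "render" : "reject");
        }
    }
}
```

Run with `java LinkSchemePolicy.java` (JDK 11 or later): the first three samples render, the remaining five are rejected. The check is deliberately conservative: an input such as `example.com:8080/x` parses as scheme `example.com` and is rejected, which is also how a browser would fail to treat it as a network link.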
CVE-2023-30962 Sep 12, 2023
Cerberus XSS in Gotham Cerberus service before 100.230704.0-27-g031dd58
The Gotham Cerberus service was found to have a stored cross-site scripting (XSS) vulnerability that could have allowed an attacker with access to Gotham to launch attacks against other users. This vulnerability is resolved in Cerberus 100.230704.0-27-g031dd58.
Products: Gotham Cerberus
CVE-2023-30951 Aug 03, 2023
Foundry Magritte Plugin rest-source XXE vulnerability
The Foundry Magritte plugin rest-source was found to be vulnerable to an XML External Entity (XXE) attack.
Products: Magritte Rest Source Bundle
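A plugin that parses XML fetched from an external REST source is parsing attacker-controlled input, so the parser must not resolve entities. The following is an added example for this page and is not the Magritte rest-source code: it feeds one constructed XXE payload to a default JAXP `DocumentBuilder` and to a hardened one. The payload's target file (`/etc/hostname`) is an assumption chosen so the effect is visible on a typical Linux host.

```java
import java.io.IOException;
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

/** Added example, not Palantir code: default JAXP parser versus a parser that refuses entities. */
public class XxeDemo {
    // Constructed payload: the DOCTYPE declares an external entity whose value is a local file.
    static final String PAYLOAD =
            "<?xml version=\"1.0\"?>\n"
          + "<!DOCTYPE r [<!ENTITY xxe SYSTEM \"file:///etc/hostname\">]>\n"
          + "<r><v>&xxe;</v></r>";

    /** Vulnerable: JAXP defaults accept a DOCTYPE and resolve external general entities. */
    static DocumentBuilder defaultBuilder() throws ParserConfigurationException {
        return DocumentBuilderFactory.newInstance().newDocumentBuilder();
    }

    /** Hardened: forbid DOCTYPE outright (no entity declarations at all), plus belt and braces. */
    static DocumentBuilder hardenedBuilder() throws ParserConfigurationException {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");    // JAXP 1.5: no external DTD/entity fetches
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f.newDocumentBuilder();
    }

    /** Parses the document and returns the text of <v>, i.e. whatever &xxe; expanded to. */
    static String valueOfV(DocumentBuilder builder, String xml) throws SAXException, IOException {
        Document doc = builder.parse(new InputSource(new StringReader(xml)));
        return doc.getElementsByTagName("v").item(0).getTextContent();
    }

    public static void main(String[] args) throws ParserConfigurationException {
        try {
            System.out.println("default parser expanded &xxe; to: "
                    + valueOfV(defaultBuilder(), PAYLOAD).trim());
        } catch (SAXException | IOException e) {
            // e.g. the file does not exist on this host; the read was still attempted
            System.out.println("default parser tried to resolve the entity and failed: " + e);
        }
        try {
            valueOfV(hardenedBuilder(), PAYLOAD);
            System.out.println("unexpected: hardened parser accepted the document");
        } catch (SAXException e) {
            System.out.println("hardened parser rejected it: " + e.getMessage());
        } catch (IOException e) {
            System.out.println("unexpected I/O error: " + e);
        }
    }
}
```

The first parser prints the host's name (or, on a system without that file, an I/O error that proves the file read was attempted); the second fails at the DOCTYPE before any entity is declared. Disallowing the DOCTYPE is the single setting that matters; the remaining features cover parsers and configurations where that feature is unsupported.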
CVE-2023-30950 Aug 03, 2023
Unauth Info Disclosure in Foundry Campaigns Service REST Endpoint
The Foundry Campaigns service was found to be vulnerable to unauthenticated information disclosure in a REST endpoint.
Products: Foundry Campaigns
CVE-2023-30952 Aug 03, 2023
Foundry Issues Frontend XSS via Issue Creation (fixed in 6.228.0)
A security defect was discovered in Foundry Issues that enabled users to create convincing phishing links by editing the request sent when creating an Issue. This defect was resolved in Frontend release 6.228.0.
Products: Foundry
CVE-2023-30949 Jul 26, 2023
Origin Validation Flaw in Slate Sandbox Enables Phishing
A missing origin validation in the Slate sandbox could be exploited by a malicious user to modify the page's content, which could lead to phishing attacks.
Products: Slate
CVE-2023-30960 Jul 10, 2023
Foundry job-tracker Unauthorized Metadata Access (<4.645.0)
A security defect was discovered in Foundry job-tracker that enabled users to query metadata related to builds on resources they did not have access to. This defect was resolved with the release of job-tracker 4.645.0, which was rolled out to all affected Foundry instances. No further intervention is required.
Products: Foundry Job Tracker
CVE-2023-30956 Jul 10, 2023
Foundry Comments <2.267.0: Attachment Disclosure via Internal UUID
A security defect was identified in Foundry Comments that enabled a user to discover the contents of an attachment submitted to another comment if they knew the internal UUID of the target attachment. This defect was resolved with the release of Foundry Comments 2.267.0.
Products: Foundry Comments
CVE-2023-30963 Jul 10, 2023
Foundry Frontend <6.229.0: Stored XSS in Slate if CSP Bypassed
A security defect was discovered in Foundry Frontend that enabled users to perform stored XSS attacks in Slate if Foundry's CSP were bypassed. This defect was resolved with the release of Foundry Frontend 6.229.0, which was rolled out to all affected Foundry instances. No further intervention is required.
Products: Foundry Frontend
CVE-2023-22835 Jul 10, 2023
Denial of Service in Foundry Issues via Malformed Issue Data (fixed in 2.510.0)
A security defect was identified that enabled a user of Foundry Issues to perform a denial of service attack by submitting malformed data in an Issue, causing loss of frontend functionality for all issue participants. This defect was resolved with the release of Foundry Issues 2.510.0 and Foundry Frontend 6.228.0.
Products: Foundry Frontend, Foundry Issues
CVE-2023-30946 Jun 29, 2023
Foundry Issues API Metadata Leak
A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to (and consequently could not see), they could query Foundry's Notification API and receive metadata about the issue, including the RID of the issue, its severity, the internal UUID of the author, and the user-defined title of the issue.
Products: Foundry Issues
CVE-2023-30955 Jun 29, 2023
Auth Bypass in Foundry workspace-server before 7.7.0
A security defect was identified in Foundry workspace-server that enabled a user to bypass an authorization check and view settings related to 'Developer Mode'. This gave users with insufficient privilege the ability to view and interact with Developer Mode settings in a limited capacity. A fix was deployed with workspace-server 7.7.0.
Products: Foundry Workspace Server
CVE-2023-22834 Jun 27, 2023
Contour Service RBAC Bypass Enables Unauthorized Analysis Creation
The Contour Service was not checking that users had permission to create an analysis for a given dataset. This could allow an attacker to clutter Compass folders with extraneous analyses that they would otherwise not have permission to create.
Products: Contour
CVE-2023-30945 Jun 26, 2023
VHS/VCD/Clips2: Unauth File Read/Write via Bad Filename Validation
Multiple services, including VHS (Video History Server), VCD (Video Clip Distributor) and Clips2, were discovered to be vulnerable to an unauthenticated arbitrary file read/write vulnerability due to missing input validation on filenames. A malicious attacker could read sensitive files from the filesystem, or write or delete arbitrary files on it.
Products: Clips2, Video History Service, Video Clip Distributor, and others
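The Gotham Table Service and Orbital-Simulator path traversal entries and the VHS/VCD/Clips2 filename-validation entry above share one defect class: a client-supplied name is joined onto a base directory and opened without confirming that the result still lies inside that directory. The following is an added example for this page, not code from any of those services; the directory layout and the sample inputs are constructed. It shows the naive concatenation beside a containment check that also handles absolute inputs, NUL bytes, symlinks inside the root, and write paths that do not yet exist.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;

/** Added example, not Palantir code: confine a user-supplied file name to a data directory. */
public class SafePathResolver {
    private final Path root;

    SafePathResolver(Path root) throws IOException {
        this.root = root.toRealPath();   // canonical root, so the comparisons below are like for like
    }

    /** Vulnerable pattern: concatenate and open. "../" segments walk out of root. */
    Path resolveUnsafe(String requested) {
        return Paths.get(root.toString(), requested);
    }

    /**
     * Hardened: reject NUL, resolve lexically, then confirm containment against the real
     * (symlink-free) path. Returns null for anything that must not be served or written.
     * Run this on the decoded name: "%2e%2e%2f" must be decoded by the HTTP layer first.
     * Path.startsWith compares whole components, so /data/x does not match /data/xy.
     */
    Path resolveSafe(String requested) throws IOException {
        if (requested == null || requested.isEmpty() || requested.indexOf('\0') >= 0) return null;
        Path candidate = root.resolve(requested).normalize();   // an absolute input replaces root here
        if (!candidate.startsWith(root)) return null;           // lexical escape via ../ or absolute path
        if (Files.exists(candidate)) {
            // A symlink inside root pointing at /etc/passwd passes the lexical test; follow it.
            Path real = candidate.toRealPath();
            return real.startsWith(root) ? real : null;
        }
        // Not yet existing (a write): the parent directory must itself resolve inside root.
        Path parent = candidate.getParent();
        if (parent == null || !Files.isDirectory(parent)) return null;
        return parent.toRealPath().startsWith(root) ? candidate : null;
    }

    public static void main(String[] args) throws IOException {
        // Constructed layout: <tmp>/report.txt and an empty <tmp>/sub directory.
        Path tmp = Files.createTempDirectory("uploads");
        Files.createDirectories(tmp.resolve("sub"));
        Files.writeString(tmp.resolve("report.txt"), "ok");
        SafePathResolver r = new SafePathResolver(tmp);

        String[] inputs = { "report.txt", "sub/../report.txt", "sub/new.txt",
                            "../../etc/passwd", "/etc/passwd", "sub/../../../etc/passwd" };
        for (String in : inputs) {
            System.out.println(in + "\n  unsafe -> " + r.resolveUnsafe(in)
                                  + "\n  safe   -> " + r.resolveSafe(in));
        }
        try {   // symlink case: lexically inside root, physically outside it
            Files.createSymbolicLink(tmp.resolve("escape"), Paths.get("/etc"));
            System.out.println("escape/passwd (via symlink)\n  safe   -> " + r.resolveSafe("escape/passwd"));
        } catch (IOException | UnsupportedOperationException e) {
            System.out.println("symlink case skipped on this platform: " + e);
        }
    }
}
```

Run with `java SafePathResolver.java` (JDK 11 or later). The first three inputs resolve to paths under the temporary directory; the three traversal forms and the symlink case return null, while `resolveUnsafe` happily produces `/etc/passwd` for them. The order matters: normalize before the containment test, and follow symlinks after it, because each step alone leaves one escape route open.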
CVE-2023-22833 Jun 06, 2023
Palantir Foundry Lime2 2.519.0-2.532.0 Auth Bypass via ACL Flaw
Palantir Foundry deployments running Lime2 versions between 2.519.0 and 2.532.0 were vulnerable to a bug that allowed authenticated users within a Foundry organization to bypass discretionary or mandatory access controls under certain circumstances.
Products: Foundry
CVE-2023-30948 Jun 06, 2023
Foundry Comments Auth Bypass via Attachment UUID before 2.249.0
A security defect in Foundry's Comments functionality resulted in the retrieval of comment attachments not being gated by additional authorization checks. This could enable an authenticated user to inject a previously discovered attachment UUID into other arbitrary comments to discover its content. This defect was fixed in Foundry Comments 2.249.0, and a patch was rolled out to affected Foundry environments. No further intervention is required at this time.
Products: Foundry Comments
CVE-2022-48307 Feb 16, 2023
TLS Hostname Verification Bypass in Magritte-ftp Enables MITM
It was discovered that Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack, allowing them to intercept, read, or modify network communications to and from the affected service. In the case of magritte-ftp, an attacker would be able to read and modify network traffic such as authentication tokens or raw data entering a Palantir Foundry stack.
Products: Magritte Ftp
CVE-2022-27897 Feb 16, 2023
Palantir Gotham <3.22.11.2 Unauth Zip Memory Exhaustion
Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would load portions of maliciously crafted zip files into memory. An attacker could repeatedly upload a malicious zip file, allowing them to exhaust memory resources on the dispatch server.
Products: Gotham
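The entry above describes the general hazard of inflating an untrusted archive into memory: a few kilobytes on the wire can expand to hundreds of megabytes, and the endpoint can be hit repeatedly. The following is an added example written for this page, not Gotham's dispatch code; the limits are illustrative assumptions, not Palantir's values. It builds a constructed zip bomb in memory and reads it twice, once with the unbounded pattern and once with limits enforced on the bytes that actually inflate rather than on the sizes the attacker wrote into the headers.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import java.util.zip.ZipOutputStream;

/** Added example, not Palantir code: reading an untrusted zip with hard inflation limits. */
public class BoundedZipReader {
    // Assumed limits; tune to what the endpoint legitimately needs.
    static final int  MAX_ENTRIES     = 1_000;
    static final long MAX_ENTRY_BYTES = 8L << 20;    // 8 MiB inflated, per entry
    static final long MAX_TOTAL_BYTES = 32L << 20;   // 32 MiB inflated, whole archive
    static final long MAX_RATIO       = 100;         // inflated : compressed

    /** Vulnerable pattern: trust the archive and buffer each entry fully in memory. */
    static long readUnbounded(InputStream in) throws IOException {
        long total = 0;
        byte[] buf = new byte[8192];
        try (ZipInputStream zin = new ZipInputStream(in)) {
            ZipEntry e;
            while ((e = zin.getNextEntry()) != null) {
                ByteArrayOutputStream whole = new ByteArrayOutputStream();   // grows with no ceiling
                int n;
                while ((n = zin.read(buf)) > 0) whole.write(buf, 0, n);
                total += whole.size();
            }
        }
        return total;
    }

    /**
     * Hardened: count bytes as they inflate (header sizes are attacker-controlled and may be
     * absent in streaming mode), abort on the first limit hit, and keep only one buffer in memory.
     */
    static long readBounded(InputStream in) throws IOException {
        long total = 0;
        int entries = 0;
        byte[] buf = new byte[8192];
        try (ZipInputStream zin = new ZipInputStream(in)) {
            ZipEntry e;
            while ((e = zin.getNextEntry()) != null) {
                if (++entries > MAX_ENTRIES) throw new IOException("too many entries");
                long entryBytes = 0;
                int n;
                while ((n = zin.read(buf)) > 0) {
                    entryBytes += n;
                    total += n;
                    if (entryBytes > MAX_ENTRY_BYTES) throw new IOException("entry exceeds limit: " + e.getName());
                    if (total > MAX_TOTAL_BYTES) throw new IOException("archive exceeds total limit");
                    // process buf[0..n) here instead of accumulating it
                }
                // The compressed size is reliable only once the entry has been fully read.
                long compressed = e.getCompressedSize();
                if (compressed > 0 && entryBytes / compressed > MAX_RATIO)
                    throw new IOException("suspicious compression ratio in " + e.getName());
            }
        }
        return total;
    }

    /** Constructed input: one entry of {@code mebibytes} zero bytes, which deflates to a few tens of KiB. */
    static byte[] constructedBomb(int mebibytes) throws IOException {
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        try (ZipOutputStream zos = new ZipOutputStream(out)) {
            zos.putNextEntry(new ZipEntry("zeros.bin"));
            byte[] chunk = new byte[1 << 20];
            for (int i = 0; i < mebibytes; i++) zos.write(chunk);
            zos.closeEntry();
        }
        return out.toByteArray();
    }

    public static void main(String[] args) throws IOException {
        byte[] bomb = constructedBomb(32);
        System.out.println("upload size on the wire: " + bomb.length + " bytes");
        try {
            readBounded(new ByteArrayInputStream(bomb));
        } catch (IOException e) {
            System.out.println("bounded reader stopped early: " + e.getMessage());
        }
        long inflated = readUnbounded(new ByteArrayInputStream(bomb));
        System.out.println("unbounded reader buffered " + inflated + " bytes from that upload");
    }
}
```

The bounded reader gives up after the per-entry limit, having held at most 8 KiB at a time; the unbounded reader allocates the full 32 MiB (and, given the growth strategy of `ByteArrayOutputStream`, transiently more) for a 32 KiB upload. On an unauthenticated endpoint the per-request cap must be paired with a request-rate or concurrency limit, since the attacker controls how many uploads arrive at once.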
CVE-2022-27892 Feb 16, 2023
Gotham <3.22.11.2: Unauthenticated Memory Exhaustion via Dispatch Service
Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would have allowed an attacker to exhaust the memory of the Gotham dispatch service.
Products: Gotham
CVE-2022-27891 Feb 16, 2023
Unauth Username Enumeration in Palantir Gotham <103.30221005.0
Palantir Gotham included an unauthenticated endpoint that listed all usernames on the stack with an active session. The affected services have been patched and automatically deployed to all Apollo-managed Gotham instances; customers are strongly recommended to upgrade all affected services to the latest version. This issue affects Palantir Gotham versions prior to 103.30221005.0.
Products: Gotham
CVE-2022-48306 Feb 16, 2023
Certificate Host Mismatch in Palantir Gotham Chat IRC helper <30221005.210011.9242
An Improper Validation of Certificate with Host Mismatch vulnerability in the Gotham Chat IRC helper of Palantir Gotham could be abused by a malicious attacker in a privileged network position to perform a man-in-the-middle attack. A successful man-in-the-middle attack would allow them to intercept, read, or modify network communications to and from the affected service. This issue affects Palantir Gotham Chat IRC helper versions prior to 30221005.210011.9242.
Products: Gotham Chat Irc
CVE-2022-48308 Feb 16, 2023
TLS Hostname Verification Bypass in sls-logging (Java)
It was discovered that sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack, allowing them to intercept, read, or modify network communications to and from the affected service.
Products: Sls Logging
CVE-2022-27890 Feb 16, 2023
TLS Hostname Validation Bypass in Palantir AtlasDB Logging (MITM)
It was discovered that the sls-logging used by AtlasDB was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack, allowing them to intercept, read, or modify network communications to and from the affected service. In the case of AtlasDB, the vulnerability was mitigated by other network controls such as two-way TLS when deployed as part of a Palantir platform. Palantir still recommends upgrading to a non-vulnerable version out of an abundance of caution.
Products: Atlasdb
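Three entries above (Magritte-ftp, sls-logging and the AtlasDB copy of sls-logging) cite the same root cause: a misuse of `javax.net.ssl.SSLSocketFactory`. The misuse is easy to make because a socket taken straight from the factory validates the certificate chain but, unlike `HttpsURLConnection`, never compares the certificate's names with the host that was dialled, so a certificate for any other name issued by a trusted CA is accepted. The following is an added example written for this page, not Palantir's code; the host and port are supplied on the command line, and the intended test target (a server whose certificate does not match the name you dial) is an assumption about how you run it.

```java
import java.io.IOException;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

/** Added example, not Palantir code: raw SSLSocketFactory use with and without hostname verification. */
public class HostnameVerificationDemo {

    /** Vulnerable: chain validation only. A cert for some other name, from any trusted CA, passes. */
    static SSLSocket connectWithoutHostnameCheck(String host, int port) throws IOException {
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
        socket.startHandshake();
        return socket;
    }

    /** Fixed: ask JSSE to match the certificate's SAN/CN against host, HTTPS-style (RFC 2818 / 6125). */
    static SSLSocket connectWithHostnameCheck(String host, int port) throws IOException {
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
        SSLParameters params = socket.getSSLParameters();
        params.setEndpointIdentificationAlgorithm("HTTPS");   // must be set before the handshake
        socket.setSSLParameters(params);
        socket.startHandshake();                              // SSLHandshakeException on name mismatch
        return socket;
    }

    /** Returns the peer's certificate subject if the handshake succeeds, or the failure reason. */
    static String probe(String host, int port, boolean verifyHostname) {
        try (SSLSocket s = verifyHostname ? connectWithHostnameCheck(host, port)
                                          : connectWithoutHostnameCheck(host, port)) {
            return "handshake OK, certificate subject: " + s.getSession().getPeerPrincipal().getName();
        } catch (SSLHandshakeException e) {
            return "handshake REJECTED: " + e.getMessage();
        } catch (IOException e) {
            return "connection error: " + e;
        }
    }

    public static void main(String[] args) {
        if (args.length < 2) {
            // Assumed usage: dial a server by a name (or IP) that its certificate does not cover,
            // for example a public TLS test endpoint that serves a mismatched certificate.
            System.err.println("usage: java HostnameVerificationDemo <host> <port>");
            return;
        }
        String host = args[0];
        int port = Integer.parseInt(args[1]);
        System.out.println("without hostname verification: " + probe(host, port, false));
        System.out.println("with hostname verification:    " + probe(host, port, true));
    }
}
```

Against a mismatched certificate the first line reports a successful handshake and the second reports a rejection naming the missing subject alternative name; against a correctly named server both succeed. When reviewing code for this bug, the tell is `SSLSocketFactory.createSocket` or `SSLContext.getSocketFactory()` followed by `startHandshake()` or I/O with no `setEndpointIdentificationAlgorithm` and no `HostnameVerifier` in between.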
CVE-2022-27895 Nov 15, 2022
Foundry Log Info Exposure via Build2 <1.785.0
An Information Exposure Through Log Files vulnerability was discovered in Foundry when logs were captured using an underlying library known as Build2. This issue was present in Build2 versions earlier than 1.785.0. Upgrade to Build2 version 1.785.0 or greater.
Products: Foundry Build2
CVE-2022-27896 Nov 14, 2022
Palantir Foundry Code-Workbooks 4.144-4.460.0 Log Exposure via Console Endpoint (fixed in 4.461.0)
An Information Exposure Through Log Files vulnerability was discovered in Foundry Code-Workbooks: the endpoint backing the Python console was generating service log records of any Python code being run, and these service logs included the Foundry token that represents the Code-Workbooks Python console. This issue affects Palantir Foundry Code-Workbooks versions 4.144 to 4.460.0 and is resolved in 4.461.0; upgrade to Code-Workbooks 4.461.0.
Products: Foundry Code Workbooks
CVE-2022-27894 Nov 04, 2022
Foundry Blobster XSS Vulnerability (fixed in 3.228.0)
The Foundry Blobster service was found to have a cross-site scripting (XSS) vulnerability that could have allowed an attacker with access to Foundry to launch attacks against other users. This vulnerability is resolved in Blobster 3.228.0.
Products: Foundry Blobster
CVE-2022-27889 Jun 14, 2022
Application-Level Denial of Service in Foundry Multipass <3.647.0
The Multipass service was found to have code paths that could be abused to cause a denial of service for authentication or authorization operations. A malicious attacker could perform an application-level denial of service attack, potentially causing authentication and/or authorization operations to fail for the duration of the attack. This could lead to performance degradation or login failures for customer Palantir Foundry environments. This vulnerability affects Palantir Foundry Multipass versions prior to 3.647.0 and is resolved in Multipass 3.647.0.
Products: Foundry Multipass
CVE-2022-27888 Apr 26, 2022
Foundry Issues 2.244.0-2.249.0 Logs Session Tokens (fixed in 2.249.1)
Foundry Issues service versions 2.244.0 to 2.249.0 were found to be logging in a manner that captured sensitive information (session tokens). This issue was fixed in 2.249.1.
Products: Foundry Issues
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).