Unrated severityNVD Advisory· Published Feb 11, 2025· Updated Mar 18, 2025

CVE-2025-0526

Description

In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows.

Affected products

Octopus/Octopusdeployllm-fuzzy
Octopus/Servercpe-rescue
Range: 2022.4.791

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

advisories.octopus.com/post/2024/sa2025-03/mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000