CVE-2026-7724 in prefect정보

요약

\~에 의해 MITRE • 2026. 05. 04.

A vulnerability has been found in PrefectHQ prefect up to 3.6.28.dev1. Affected by this vulnerability is the function validate_restricted_url of the component Webhook/Notification. The manipulation leads to time-of-check time-of-use. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 3.6.28.dev2 addresses this issue. The identifier of the patch is 7c70ac54a5e101431d83b9f2681ec88d5e0021ed. Upgrading the affected component is advised.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

VulDB

공개

2026. 05. 04.

모더레이션

수락

항목

VDB-360900

CPE

준비됨

CWE

CWE-367 (확인됨)

익스플로잇

다운로드

CVSS

5.0 (VulDB)

EPSS

0.00026

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-7724
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-7724
CVE Details	https://www.cvedetails.com/cve/CVE-2026-7724/

◂ 이전 개요 다음 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!