CVE-2025-53710

Published: Dec 18, 2025Modified: Dec 19, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.6 / Impact: 5.9

Source: cve-coordination@palantir.com (Secondary)

Description

Due to a product misconfiguration in certain deployment types, it was possible from different pods in the same namespace to communicate with each other. This issue resulted in bypass of access control due to the presence of a vulnerable endpoint in Foundry Container Service that executed user-controlled commands locally.

Related CWEs

CWE-653

Improper Isolation or Compartmentalization

The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions.

References (1)

https://palantir.safebase.us/?tcuUid=4dbae101-79da-433c-8184-c70b78f4701b

Source: cve-coordination@palantir.com

Timeline

No history available yet.