Access Control Bypass in Foundry Container Service by Palantir Technologies
CVE-2025-53710

7.5HIGH

Key Information:

Vendor: Palantir
Status: Com.palantir.compute:compute-service; Com.palantir.codeassist2:code-assist-proxy
Vendor: CVE Published:; 18 December 2025

What is CVE-2025-53710?

A misconfiguration in specific deployment types within Palantir’s Foundry Container Service allows pods within the same namespace to communicate with each other. This configuration flaw results in a vulnerability that enables access control bypass, allowing a malicious actor to exploit a compromised endpoint and execute user-controlled commands on the local system.

Affected Version(s)

com.palantir.codeassist2:code-assist-proxy 2.1289.0

com.palantir.compute:compute-service 0.1372.0

References

https://palantir.safebase.us/?tcuUid=4dbae101-79da-433c-8...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 18, 2025
Vulnerability Reserved
Jul 8, 2025

JSON