CVE-2026-0704 – Octopus Deploy File Traversal Vulnerability

CVE ID : CVE-2026-0704

Published : Feb. 25, 2026, 12:22 p.m. | 45 minutes ago

Description : In affected version of Octopus Deploy it was possible to remove files and/or contents of files on the host using an API endpoint. The field lacked validation which could potentially result in ways to circumvent expected workflows.

Severity: 5.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…