External risk intelligence

Gradient CI can be controlled by anyone who can reach it, allowing them to upload arbitrary files.

CVE advisory

Severity: CRITICAL (CVSS 9.4)

CVE-2026-44592

An external attacker can exploit a flaw in Gradient to register unauthorized systems, granting them access to sensitive job data. This allows them to inject malicious code, which could compromise the integrity of the company's software supply chain.

Halo Surface Signal score for CVE-2026-44592: 3

Missing Authentication

External exposure likelihood

The vulnerability affects a CI/CD system's API endpoint, which is discoverable by default. The endpoint may therefore be reachable over the network in some distributed deployments, but CI systems are typically hosted within internal network segments rather than on the public internet. Consequently, public reachability is possible but is not a defining characteristic of common deployments.

Horizon Alert

Summary of the vulnerability and why it matters

This vulnerability in the Gradient continuous integration system allows anyone who can reach its discovery endpoint to register as a worker without any authentication. This could expose sensitive jobs and arbitrary data to unauthorized parties.

  • Unauthenticated access to CI jobs.
  • Potential for unauthorized data uploads.
  • Default configuration is vulnerable.

Attack Path

How an attacker could exploit the issue

An unauthenticated attacker can exploit this vulnerability by registering as a worker on a Gradient CI system that is discoverable. The attacker can then push arbitrary, malicious store paths into the system's storage, potentially leading to further compromise. This attack requires the system to be reachable and discoverable, with the default configuration enabling this risk.

  • Unauthenticated network access
  • Publicly accessible API endpoint
  • Default discoverable configuration

Live Threat

Current exploitation, exposure, and threat context

This vulnerability allows unauthenticated attackers to register as workers and push arbitrary code to a CI/CD system. While the default configuration makes it discoverable, CI/CD systems are often internal, suggesting attackers would need to breach internal networks or target specific, exposed instances. The fix has been released, but exploitation might still occur if instances are not updated.

  • Fixed in version 1.1.1.
  • No public exploit code available.
  • Not listed on KEV.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

Teams should prioritize patching Gradient to version 1.1.1 to address the unauthenticated worker registration vulnerability. If immediate patching is not feasible, restrict network access to the `/proto` endpoint to prevent unauthorized worker registration and data manipulation. Monitor logs for unusual worker registration activity or unauthorized file uploads.

  • Upgrade Gradient to 1.1.1.
  • Block `/proto` network access.
  • Monitor for new worker registrations.
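The monitoring step above can be turned into a simple allow-list check over the instance's logs. This is an added example, not Gradient's own code: the log line format, the `known_workers` inventory and the `trusted_nets` ranges are all assumptions, and the sample lines are constructed, so the regex must be adapted to the real log format of your deployment.

```python
import ipaddress
import re
from dataclasses import dataclass

# Constructed sample lines in a hypothetical log format; not real Gradient output.
SAMPLE_LOG = """\
2026-05-02T10:00:01Z INFO proto: worker registered uuid=6f1c2b3a-0000-4000-8000-000000000001 peer=10.20.0.11
2026-05-02T10:00:05Z INFO proto: nar push uuid=6f1c2b3a-0000-4000-8000-000000000001 peer=10.20.0.11 path=/nix/store/abc-hello
2026-05-02T10:01:17Z INFO proto: worker registered uuid=9e8d7c6b-0000-4000-8000-0000000000ff peer=203.0.113.9
2026-05-02T10:01:19Z INFO proto: nar push uuid=9e8d7c6b-0000-4000-8000-0000000000ff peer=203.0.113.9 path=/nix/store/xyz-openssl
2026-05-02T10:02:00Z INFO proto: nar push uuid=6f1c2b3a-0000-4000-8000-000000000001 peer=10.99.9.9 path=/nix/store/def-curl
"""

# Hypothetical line shape: "<ts> <level> proto: <event> uuid=<uuid> peer=<ip> [path=<store path>]"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ proto: (?P<event>worker registered|nar push) "
    r"uuid=(?P<uuid>[0-9a-f-]{36}) peer=(?P<peer>[\d.]+)(?: path=(?P<path>\S+))?$"
)


@dataclass(frozen=True)
class Finding:
    ts: str
    event: str
    uuid: str
    peer: str
    reason: str


def audit(log_text, known_workers, trusted_nets):
    """Return one Finding per registration or NAR push that falls outside the allow-list.

    known_workers: set of worker UUIDs you provisioned (assumed inventory).
    trusted_nets: CIDR strings for the build network workers should connect from.
    """
    nets = [ipaddress.ip_network(n) for n in trusted_nets]
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a /proto registration or push event
        ts, event, uuid, peer = m["ts"], m["event"], m["uuid"], m["peer"]
        reasons = []
        if uuid not in known_workers:
            reasons.append("worker uuid not in inventory")  # self-registered worker
        if not any(ipaddress.ip_address(peer) in n for n in nets):
            reasons.append("peer outside trusted build network")
        findings.extend(Finding(ts, event, uuid, peer, r) for r in reasons)
    return findings
```

Run `audit(SAMPLE_LOG, {"6f1c2b3a-0000-4000-8000-000000000001"}, ["10.20.0.0/16"])` to see the unknown worker's registration and push flagged, plus a push from a known worker arriving from an unexpected address.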

Frequently asked questions

What is Gradient, and what is the primary function of this continuous integration system?

Gradient is a continuous integration system built on Nix. Its primary function is to automate software building and deployment processes within development workflows.

What type of weakness allows unauthenticated individuals to register as workers in Gradient version 1.1.0?

The vulnerability is characterized by a lack of proper authorization and insecure direct object references. This allows anyone who can reach the `/proto` endpoint to register as a worker without any credentials by providing a new worker UUID, exploiting the system's assumption of trusted worker registration.

How can an attacker exploit the Gradient CI system to upload arbitrary files?

An attacker can exploit this by reaching the discoverable `/proto` endpoint and registering a new worker with a unique UUID. Once registered, the attacker's session gains `PeerAuth::Open`, enabling them to perform `NarPush`/`NarUploaded` operations to insert arbitrary store paths into the system's `nar_storage` and `cached_path` table.

What is the relevance of CVE-2026-44592, and how does its network reachability impact potential threats?

CVE-2026-44592 is a critical vulnerability in Gradient CI that allows unauthenticated attackers to register as workers and upload arbitrary files. While the default configuration makes the system discoverable, CI/CD systems are often internal, meaning attackers might need to breach internal networks or target specifically exposed instances.

What steps should be taken to address the Gradient CI vulnerability, and what are the immediate mitigation strategies?

Teams should urgently upgrade Gradient to version 1.1.1 to fix the vulnerability. If immediate patching is not possible, restrict network access to the `/proto` endpoint to prevent unauthorized worker registration and monitor logs for suspicious activity.
