CVE-2026-44592: Gradient 1.1.0: Unauthorized Access to Continuous Integration System
Summary
Gradient 1.1.0 lets anyone who can reach the /proto endpoint register as a build worker with no credentials at all, provided GRADIENT_DISCOVERABLE=true, which is the default for both the service and its NixOS module. The session such a worker receives is PeerAuth::Open: it sees the jobs of every organisation on the instance and can immediately push arbitrary store paths into nar_storage and the cached_path table via NarPush/NarUploaded. The fix is to update to version 1.1.1 or later. The advisory names only the upgrade as the remedy; because the description ties the exposure to GRADIENT_DISCOVERABLE=true and to network reachability of /proto, disabling discoverability and restricting access to that endpoint are reasonable interim mitigations for instances that cannot upgrade immediately.
Original description
Gradient is a nix-based continuous integration system. In 1.1.0, when GRADIENT_DISCOVERABLE=true (the default, and the NixOS module default), anyone who can reach /proto can register as a worker without any credentials by sending a fresh, never-registered worker UUID. The resulting session has PeerAuth::Open, i.e. it sees jobs from every organisation, and can immediately NarPush/NarUploaded arbitrary store paths into nar_storage and the cached_path table. This vulnerability is fixed in 1.1.1.
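As an added illustration, not Gradient's own code and not the 1.1.1 patch, the Rust below models the registration logic the description implies for 1.1.0 next to a hardened alternative. It is written in Rust because the PeerAuth::Open spelling in the description suggests that is the project's language. Everything beyond the names taken from the advisory (GRADIENT_DISCOVERABLE, PeerAuth::Open, NarPush, worker UUIDs) is an assumption made for the example: the WorkerRegistry and RegistrationRequest types, the enrollment_tokens table, the PeerAuth::Org variant, the can_push check and the constructed sample identifiers and tokens. The hardened version makes discoverability advertise the endpoint only: enrolling a never-seen UUID still requires a pre-issued one-time token, and the session is scoped to the organisation that token was issued for, so a fresh UUID on its own buys nothing.

```rust
use std::collections::HashMap;

/// Privilege level a connecting peer's session carries.
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum PeerAuth {
    /// Every organisation's jobs, any store path: what a fresh UUID got in 1.1.0.
    Open,
    /// Assumed for this example: scoped to a single organisation.
    Org(String),
    Rejected,
}

pub struct Worker { pub org: String, pub token: String }

/// Hypothetical server-side state for the example; not Gradient's data model.
pub struct WorkerRegistry {
    pub discoverable: bool,                         // models GRADIENT_DISCOVERABLE
    pub workers: HashMap<String, Worker>,           // keyed by worker UUID
    pub enrollment_tokens: HashMap<String, String>, // assumed: one-time token -> org
}

pub struct RegistrationRequest<'a> { pub worker_uuid: &'a str, pub token: Option<&'a str> }

/// Constant-time byte comparison so token checks do not leak via timing.
fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    a.len() == b.len() && a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}

/// Models the 1.1.0 behaviour the advisory describes: a UUID that has never been
/// registered is enrolled without any credential and handed an Open session.
pub fn authenticate_vulnerable(reg: &mut WorkerRegistry, req: &RegistrationRequest) -> PeerAuth {
    if let Some(w) = reg.workers.get(req.worker_uuid) {
        return match req.token {
            Some(t) if ct_eq(w.token.as_bytes(), t.as_bytes()) => PeerAuth::Org(w.org.clone()),
            _ => PeerAuth::Rejected,
        };
    }
    if reg.discoverable {
        // Auto-enrol: all the caller needed was a fresh UUID, which anyone can generate.
        let w = Worker { org: "*".into(), token: String::new() };
        reg.workers.insert(req.worker_uuid.to_string(), w);
        return PeerAuth::Open;
    }
    PeerAuth::Rejected
}

/// Hardened alternative (illustration only): enrolment needs a pre-issued one-time
/// token, and the session is scoped to the organisation that token was issued for.
pub fn authenticate_hardened(reg: &mut WorkerRegistry, req: &RegistrationRequest) -> PeerAuth {
    let token = match req.token {
        Some(t) if !t.is_empty() => t,
        _ => return PeerAuth::Rejected, // no credential, no session, whatever the UUID
    };
    if let Some(w) = reg.workers.get(req.worker_uuid) {
        let ok = ct_eq(w.token.as_bytes(), token.as_bytes());
        return if ok { PeerAuth::Org(w.org.clone()) } else { PeerAuth::Rejected };
    }
    if !reg.discoverable { return PeerAuth::Rejected; }
    let hit = reg.enrollment_tokens.iter()
        .find(|(t, _)| ct_eq(t.as_bytes(), token.as_bytes()))
        .map(|(t, org)| (t.clone(), org.clone()));
    match hit {
        Some((t, org)) => {
            reg.enrollment_tokens.remove(&t); // one-time: a replay cannot enrol again
            let w = Worker { org: org.clone(), token: token.to_string() };
            reg.workers.insert(req.worker_uuid.to_string(), w);
            PeerAuth::Org(org)
        }
        None => PeerAuth::Rejected,
    }
}

/// Whether a session may NarPush into an organisation's cache; Open says yes to all.
pub fn can_push(auth: &PeerAuth, org: &str) -> bool {
    match auth {
        PeerAuth::Open => true,
        PeerAuth::Org(o) => o == org,
        PeerAuth::Rejected => false,
    }
}

/// Constructed sample state: one enrolled worker for org-a, one outstanding
/// enrolment token for org-b, discoverability on (the 1.1.0 default).
pub fn demo_registry() -> WorkerRegistry {
    let mut workers = HashMap::new();
    let w = Worker { org: "org-a".into(), token: "worker-a-secret".into() };
    workers.insert("a1b2c3d4-0000-4000-8000-000000000001".to_string(), w);
    let mut enrollment_tokens = HashMap::new();
    enrollment_tokens.insert("enrol-org-b-7f3a".to_string(), "org-b".to_string());
    WorkerRegistry { discoverable: true, workers, enrollment_tokens }
}

fn main() {
    let fresh = RegistrationRequest { worker_uuid: "ffffffff-1111-4222-8333-444444444444", token: None };
    let (mut reg_old, mut reg_new) = (demo_registry(), demo_registry());
    let auth = authenticate_vulnerable(&mut reg_old, &fresh);
    println!("1.1.0 model: {:?}, may push to org-a: {}", auth, can_push(&auth, "org-a"));
    println!("hardened, no token: {:?}", authenticate_hardened(&mut reg_new, &fresh));
    let enrol = RegistrationRequest { token: Some("enrol-org-b-7f3a"), ..fresh };
    let auth = authenticate_hardened(&mut reg_new, &enrol);
    println!("hardened, one-time token: {:?}, may push to org-a: {}", auth, can_push(&auth, "org-a"));
}
```

The two functions differ in exactly one decision: what a never-seen UUID is worth. In the vulnerable model it is worth an Open session; in the hardened model it is worth nothing until a token that an operator actually issued is presented, and even then the session only reaches the issuing organisation. Whatever the real 1.1.1 change looks like, a deployment check is the same: a registration attempt with a random UUID and no credential against /proto must be rejected.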
NVD CVSS 3.1 base score: 9.4
Vulnerability type
CWE-306 Missing Authentication for Critical Function
CWE-345 Insufficient Verification of Data Authenticity
CWE-862 Missing Authorization
Published: 14 May 2026 · Updated: 30 May 2026 · First seen: 14 May 2026