CVE-2026-44592 - Vulnerability Details

- Gradient: Unauthenticated worker on /proto → arbitrary NAR write / cache poisoning

Description

Gradient is a nix-based continuous integration system. In 1.1.0, when GRADIENT_DISCOVERABLE=true (the default, and the NixOS module default), anyone who can reach /proto can register as a worker without any credentials by sending a fresh, never-registered worker UUID. The resulting session has PeerAuth::Open, i.e. it sees jobs from every organisation, and can immediately NarPush/NarUploaded arbitrary store paths into nar_storage and the cached_path table. This vulnerability is fixed in 1.1.1.

Published: 2026-05-14

Score: 9.4 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

Gradient, a nix‑based continuous integration system, has a flaw that allows anyone who can reach the /proto endpoint to register as a worker without credentials. The registration grants a session with PeerAuth::Open, which can read jobs from every organisation and write arbitrary store paths into nar_storage and the cached_path table. This permits malicious actors to poison the cache or write unexpected data, potentially leading to compromised builds or unauthorized code execution. The weakness is classified as authentication bypass (CWE‑306), cache poisoning (CWE‑345), and privilege escalation (CWE‑862).

Affected Systems

The product affected is Gradient by wavelens, version 1.1.0. Users running this version should be aware that the default configuration enables the vulnerable discoverable mode (GRADIENT_DISCOVERABLE=true). No other product versions are known to be affected.

Risk and Exploitability

The vulnerability scores 9.4 on the CVSS scale, indicating a high‑severity risk. No EPSS score is available, and it is not listed in the CISA KEV catalog. The likely attack vector is remote network access to the /proto endpoint; an attacker does not need any prior authentication and can perform the exploit from any machine that can reach the service. The vulnerability was fixed in version 1.1.1, meaning the attack can be mitigated by upgrading or by disabling the discoverable mode.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

wavelens

gradient

affected

Version	Status	Constraints
`1.1.0`	affected	—

No data.

Vendor Product Confidence Versions

Wavelens

Gradient

100%

Version	Status	Scheme	Platform
`1.1.0`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade Gradient to version 1.1.1 or later where the issue is fixed.
Configure the system to set GRADIENT_DISCOVERABLE=false to prevent unauthenticated worker registration.
Restrict network access to the /proto endpoint using firewalls or network segmentation so that only trusted hosts can reach it.

Generated by OpenCVE AI on May 14, 2026 at 20:39 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00017.

Exploitation none

Automatable yes

Technical Impact partial

References

Link	Providers
https://github.com/wavelens/gradient/security/advisories/GHSA-49w6-gf3p-96m2

History

Sat, 16 May 2026 01:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 15 May 2026 11:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Wavelens Wavelens gradient
Vendors & Products		Wavelens Wavelens gradient

Thu, 14 May 2026 19:00:00 +0000

Type	Values Removed	Values Added
Description		Gradient is a nix-based continuous integration system. In 1.1.0, when GRADIENT_DISCOVERABLE=true (the default, and the NixOS module default), anyone who can reach /proto can register as a worker without any credentials by sending a fresh, never-registered worker UUID. The resulting session has PeerAuth::Open, i.e. it sees jobs from every organisation, and can immediately NarPush/NarUploaded arbitrary store paths into nar_storage and the cached_path table. This vulnerability is fixed in 1.1.1.
Title		Gradient: Unauthenticated worker on /proto → arbitrary NAR write / cache poisoning
Weaknesses		CWE-306 CWE-345 CWE-862
References		https://github.com/wavelens/gradient/security/advisories/GHSA-49w6-gf3p-96m2
Metrics		cvssV3_1 `{'score': 9.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H'}`

Subscriptions

Wavelens Gradient

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2026-05-14T18:39:59.824Z

Updated: 2026-05-16T00:50:50.162Z

Reserved: 2026-05-06T21:49:12.425Z

Link: CVE-2026-44592

Vulnrichment

Updated: 2026-05-16T00:50:46.392Z

NVD

Status : Deferred

Published: 2026-05-14T19:16:38.147

Modified: 2026-05-15T14:44:49.877

Link: CVE-2026-44592

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-15T11:21:06Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object