
Trust and Security Portal


Palantir is a software company that builds the world's leading software for data-driven operations and decision-making. For more than a decade, we’ve worked with customers in the most secure and highly-regulated industries and built software for their most sensitive data. Today, security remains the cornerstone of our product development, company culture, and internal operations.

Palantir cares deeply about the security outcomes of our customers, and we are committed to transparency about our security practices and program. We continuously improve our security, data protection, and privacy controls to give you the most effective means possible of protecting your data.

  • AWS Qualified Software
  • CCPA
  • CMMC Certified
  • CSA STAR
  • Cyber Essentials
  • Cyber Essentials Plus
  • DISP
  • DoD IL5
  • DoD IL6
  • ENS
  • FedRAMP Certified Class D
  • FISMA High
  • GDPR
  • HIPAA
  • IRAP
  • ISO 9001:2015
  • ISO/IEC 27001
  • ISO/IEC 27001 SoA
  • ISO/IEC 27017:2015
  • ISO/IEC 27018:2019
  • SOC 1 Type 2
  • SOC 2 Type 2
  • SOC 2 Type 1
  • SOC 3
  • SOX
  • TISAX
  • VPAT

Trust and Security Portal Updates

Axios Breach Bulletin

General

We have conducted a thorough investigation and validated that Palantir is not impacted by the Axios breach: the malicious Axios package was never deployed to any Palantir production environment.

Palantir Security Bulletin - PLTRSEC-2025-52

Vulnerabilities

Security Bulletin

Bulletin ID: PLTRSEC-2025-52

CVE: CVE-2025-68427

Affected Products / Versions: N/A

Publication Date: April 7, 2026

Summary

Object Security Policies configured on Pipeline Builder-backed object types were being silently deleted during pipeline deployments on Foundry stacks. This could have resulted in unintended data exposure where manually configured row-level security restrictions were removed without warning, potentially allowing users to view object instances they should not have access to. The affected service has been patched and automatically deployed to all Apollo-managed Foundry instances.

Background

A software defect in Palantir's Pipeline Builder deployment process caused Object Security Policies to be silently deleted whenever a pipeline was redeployed. When administrators manually configured security policies on object types backed by Pipeline Builder, subsequent pipeline deployments would completely drop these security configurations without any warning or notification.

This behavior could have resulted in sensitive data becoming visible to users who should have been restricted by the deleted security policies. The issue affected any object type that was both backed by Pipeline Builder and had custom Object Security Policies applied.

Palantir's information security team conducted a thorough investigation of affected instances and reviewed access patterns to determine if any unauthorized data access occurred as a result of this defect. The team is working directly with impacted customers to assess the scope and restore appropriate security policies where necessary.

Details

Object Security Policies are a critical security feature in Foundry that allow administrators to configure view permissions at the object instance level by defining security policies on object types. These policies operate independently of the underlying data source permissions and are essential for implementing row-level security controls.
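To make the failure mode concrete, the following is a constructed Python model of this defect class, added for this page and not Foundry or Pipeline Builder code: a deployment routine that rebuilds an object type from its pipeline output and thereby discards the policies an administrator configured by hand, beside a version that carries existing policies forward, plus the post-deployment drift check an operator would want so that a dropped policy fails loudly instead of silently. The type names, the policy representation, the sample rows and the user are assumptions made for the illustration.

```python
"""Constructed model of the defect class in PLTRSEC-2025-52 (added example, not
Foundry or Pipeline Builder code). A deployment that rebuilds an object type
from its pipeline output also discards access policies that an administrator
configured on that object type by hand. Names and the policy shape are
assumptions made for the illustration."""
from copy import deepcopy
from dataclasses import dataclass, field


@dataclass
class ObjectType:
    name: str
    columns: tuple                                  # schema derived from the pipeline output
    policies: dict = field(default_factory=dict)    # row-level rules configured by admins


def deploy_unsafe(registry: dict, pipeline_output: ObjectType) -> None:
    """Vulnerable pattern: pipeline output never carries policies, yet it
    overwrites the registered object type wholesale. Policies vanish silently."""
    registry[pipeline_output.name] = deepcopy(pipeline_output)


def deploy_safe(registry: dict, pipeline_output: ObjectType) -> None:
    """Hardened pattern: the deployment owns the schema only; policies already
    configured on the object type are carried forward unchanged."""
    merged = deepcopy(pipeline_output)
    existing = registry.get(merged.name)
    if existing is not None:
        merged.policies = deepcopy(existing.policies)
    registry[merged.name] = merged


def policy_drift(before: ObjectType, after: ObjectType) -> set:
    """Policies present before a deployment and absent after it."""
    return set(before.policies) - set(after.policies)


def guarded_deploy(registry: dict, pipeline_output: ObjectType, deploy_fn) -> None:
    """Post-deployment gate: snapshot policies, deploy, fail loudly on drift
    instead of letting rows become visible without warning."""
    before = deepcopy(registry.get(pipeline_output.name))
    deploy_fn(registry, pipeline_output)
    if before is not None:
        removed = policy_drift(before, registry[pipeline_output.name])
        if removed:
            raise RuntimeError(f"deployment dropped policies: {sorted(removed)}")


def visible_rows(rows, user, obj_type: ObjectType):
    """Evaluate all policies conjunctively. With no policies left every row is
    visible, which is exactly the exposure a dropped policy causes."""
    return [r for r in rows if all(rule(user, r) for rule in obj_type.policies.values())]


# Constructed sample data for the demonstration.
ROWS = [{"id": 1, "region": "EU"}, {"id": 2, "region": "US"}]
USER = {"name": "alice", "regions": {"EU"}}


def region_policy(user, row) -> bool:
    """Hypothetical row-level rule: a user sees only rows in their regions."""
    return row["region"] in user["regions"]


def build_registry() -> dict:
    obj = ObjectType("Customer", ("id", "region"), {"region_restriction": region_policy})
    return {obj.name: obj}


def redeploy(deploy_fn):
    """Redeploy 'Customer' with an added column; return (dropped policies,
    ids of the rows alice can see afterwards)."""
    registry = build_registry()
    before = deepcopy(registry["Customer"])
    deploy_fn(registry, ObjectType("Customer", ("id", "region", "tier")))
    after = registry["Customer"]
    return policy_drift(before, after), [r["id"] for r in visible_rows(ROWS, USER, after)]


def deploy_is_refused(deploy_fn) -> bool:
    """True if the post-deployment gate blocks this deployment routine."""
    try:
        guarded_deploy(build_registry(), ObjectType("Customer", ("id", "region", "tier")), deploy_fn)
    except RuntimeError:
        return True
    return False


if __name__ == "__main__":
    print("unsafe:", redeploy(deploy_unsafe))   # ({'region_restriction'}, [1, 2])
    print("safe:  ", redeploy(deploy_safe))     # (set(), [1])
```

The unsafe routine leaves alice able to see the US row because the object type ends up with no policies at all; the drift check turns that silent loss into a refused deployment, which is the check worth running independently of whatever the deployment code itself promises.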

Remediation

This defect has been resolved and the fix has been rolled out to all affected Foundry instances. Pipeline deployments now properly preserve Object Security Policies configured on Pipeline Builder-backed object types.

Timeline

N/A

Acknowledgement

This issue was identified internally at Palantir.

Trivy Breach Bulletin

General
  • Palantir has been tracking the compromise of Aqua Security’s Trivy supply chain for several weeks. We have also tracked additional vulnerable releases, which further reporting from other industry sources has since confirmed.
  • Palantir has evaluated every reference to the vulnerable versions across the entire Palantir developer and endpoint landscape and confirmed no compromise.
  • Palantir has confirmed that no vulnerable Trivy version was shipped in our Container Vulnerability Scanning (CVS) tool, which backs the Apollo and Foundry container vulnerability scanning features.
  • Palantir has frozen our CVS scanning engine on the last known safe version of Trivy. Vulnerability databases continue to be kept up to date.
  • Palantir is urgently evaluating replacement vulnerability scanning tools, has already deployed an alternative scanner in an internal beta, and is performing further analysis to confirm that the alternative scanner meets our security outcomes. A final decision on our future scanning engine will be made in the coming weeks.

Security Message 2-19-2026

General

We are aware of a viral social media post claiming that Palantir Technologies has been hacked. These claims are unverified and unfounded.

Palantir Security Bulletin - PLTRSEC-2025-53

Vulnerabilities

Security Bulletin

Bulletin ID: PLTRSEC-2025-53

CVE: CVE-2025-68609

Affected Products / Versions: N/A

Publication Date: December 19, 2025

Summary

Aries service endpoints were exposed without authentication or authorization enforcement on Apollo-managed stacks using the default configuration. This could have allowed any client with network access to the Apollo instance to view and interact with system logs without presenting valid credentials. The affected service has been patched and automatically deployed to all impacted Apollo instances.

Background

A software defect in Palantir's Aries service caused neither authentication nor authorization to be enforced on instances using the default configuration. The intended behavior was to allow any authenticated Apollo user to access Aries functionality; the actual implementation did not validate authentication tokens at all, which bypassed both the authentication (authN) and authorization (authZ) checks.

This meant that any client capable of reaching the Aries service endpoints over the network could access log data and perform operations without presenting valid credentials or proving their identity.

Palantir's information security team conducted a comprehensive review of access logs and network traffic patterns for all affected Aries instances. No evidence of unauthorized access or exploitation of this vulnerability has been identified during the period when the defect was present.

Details

Aries is a legacy system designed for viewing and managing logs on Apollo infrastructure. Under the intended default authorization model, any authenticated user with access to an Apollo instance should be able to perform actions within Aries.
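As a constructed illustration of this defect class (an added example, not Aries or Apollo code): a log endpoint whose default configuration short-circuits to "everyone may read logs" before the bearer token is ever verified, beside a fail-closed version that authenticates first and treats "any authenticated user" as the default authorization rule. The toy HMAC token format, the `authz_rule` setting, the signing key, the log lines and the handler names are all assumptions made for the illustration.

```python
"""Constructed model of the defect class in PLTRSEC-2025-53 (added example, not
Aries or Apollo code): an endpoint whose default configuration skips token
verification, so authorization is decided for a caller whose identity was never
checked. Token format, the authz_rule setting and handler names are assumptions."""
import hashlib
import hmac

SIGNING_KEY = b"example-signing-key-not-real"   # constructed secret for the toy tokens
LOG_LINES = [                                    # constructed sample log lines
    "2026-01-01T00:00:00Z logservice started",
    "2026-01-01T00:00:01Z logservice ready",
]


def issue_token(user: str) -> str:
    """Toy bearer token '<user>.<hex hmac>' (constructed format, not a real scheme)."""
    mac = hmac.new(SIGNING_KEY, user.encode(), hashlib.sha256).hexdigest()
    return f"{user}.{mac}"


def verify_token(token):
    """Return the authenticated user, or None if the token is missing or forged."""
    if not token or "." not in token:
        return None
    user, mac = token.rsplit(".", 1)
    expected = hmac.new(SIGNING_KEY, user.encode(), hashlib.sha256).hexdigest()
    return user if hmac.compare_digest(mac, expected) else None


def get_logs_vulnerable(request: dict, config: dict):
    """Fail-open: with the default config (no explicit authz_rule) the handler
    takes the 'everyone may read logs' shortcut BEFORE verifying the token, so a
    caller with no credentials at all receives the logs. Returns (status, body)."""
    rule = config.get("authz_rule")
    if rule is None:
        return 200, LOG_LINES           # authentication and authorization both skipped
    user = verify_token(request.get("authorization"))
    if user is None:
        return 401, []
    return (200, LOG_LINES) if rule(user) else (403, [])


def get_logs_fixed(request: dict, config: dict):
    """Fail-closed: authentication always runs first; the default authorization
    rule is 'any authenticated user', never 'anyone who can reach the port'."""
    user = verify_token(request.get("authorization"))
    if user is None:
        return 401, []
    rule = config.get("authz_rule") or (lambda u: True)
    return (200, LOG_LINES) if rule(user) else (403, [])


if __name__ == "__main__":
    requests = {
        "anonymous": {},                                   # no Authorization header
        "forged": {"authorization": "alice.deadbeef"},     # wrong MAC
        "genuine": {"authorization": issue_token("alice")},
    }
    for name, req in requests.items():   # default (empty) configuration in both cases
        print(f"{name:9} vulnerable={get_logs_vulnerable(req, {})[0]} fixed={get_logs_fixed(req, {})[0]}")
```

Under the default configuration the vulnerable handler returns 200 to both the anonymous and the forged request, while the fixed handler returns 401 to both and 200 only to a genuine token. The design point is that a default configuration should select the most permissive authorization rule, not a code path that bypasses authentication.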

Remediation

This defect has been resolved and the fix has been rolled out to all affected Apollo instances. Authentication and authorization controls are now properly enforced. No further intervention is required.

Timeline

N/A

Acknowledgement

This issue was identified internally at Palantir.

If you think you may have discovered a vulnerability, please send us a note.
Built on SafeBase by Drata