CVE-2026-7723 | PrefectHQ prefect up to 3.6.13 WebSocket Endpoint /api/events/in missing authentication

A vulnerability was found in PrefectHQ prefect up to 3.6.13. It has been declared as critical. Affected is an unknown function of the file /api/events/in of the component WebSocket Endpoint. Executing a manipulation can lead to missing authentication.

This vulnerability appears as CVE-2026-7723. The attack may be performed from remote. In addition, an exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More