A vulnerability, which was classified as problematic , has been found in hatchet-dev hatchet up to 0.83.37 . Affected is an unknown function of the file /api/v1/stable/dags/tasks . Performing a manipulation results in authorization bypass. This vulnerability is known as CVE-2026-42572 . Remote exploitation of the attack is possible. No exploit is available. It is advisable to upgrade the affected component.