A vulnerability was found in Octopus Deploy Octopus Server up to 2025.4.10522/2025.4.10544/2026.1.11312 . It has been rated as critical . Affected by this vulnerability is an unknown functionality of the component API Endpoint . The manipulation leads to permission issues. This vulnerability is documented as CVE-2026-4881 . The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is advised.