Overview

• An internal assessment said the prototype allowed any authorized user to view all applications and data without proper access controls or activity logging.
• The memo also flagged unassessed third‑party apps, including one with 25 high‑severity code issues and others with hundreds of vulnerabilities requiring review.
• Army CIO Leonel Garciga said many problems were fixed within days or weeks and confirmed the effort remains in prototype testing under active oversight.
• Anduril said the report reflected an outdated snapshot of the system and Palantir said no vulnerabilities were found in its platform.
• Palantir shares fell about 7.5% after the findings became public, and Garciga said the Palantir Federal Cloud Service could receive a continuous authority to operate to speed updates as soon as next week.