CVE-2025-14987 Cross Namespace Commands Authorization Bypass
When system.enableCrossNamespaceCommands is enabled on by default, the Temporal server permits certain workflow task commands e.g. StartChildWorkflowExecution, SignalExternalWorkflowExecution, RequestCancelExternalWorkflowExecution to target a different namespace than the namespace authorized at...