Lucene search
K

75 matches found

NVD
NVD
added 2026/06/26 10:16 p.m.10 views

CVE-2026-55069

Kestra is an open-source, event-driven orchestration platform. Prior to 1.3.24, this vulnerability exists in the BasicAuth authentication component of the Kestra OSS workflow orchestration platform. An attacker who gains read access to the PostgreSQL database can exploit SHA-512's high computatio...

8.7CVSS0.00158EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 10:16 p.m.14 views

CVE-2026-53577

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the previewFileFromExecution endpoint GET /api/v1/tenant/executions/executionId/file/preview contains an access control bypass that allows any authenticated user to read output files from any other executio...

6.5CVSS0.00263EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 10:16 p.m.14 views

CVE-2026-49869

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, AuthenticationFilter in Kestra OSS uses request.getPath.endsWith"/configs" to whitelist the public configuration endpoint from Basic Auth. Because the check is a suffix match rather than an exact path match...

10CVSS0.00684EPSS
Exploits2References1
NVD
NVD
added 2026/06/26 10:16 p.m.16 views

CVE-2026-49984

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attacker can therefore smuggle a traversal sequence past...

7.7CVSS0.00386EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 10:16 p.m.11 views

CVE-2026-45807

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 and 1.3.19, several Kestra API endpoints accept a kestra:// URI from the client and pass it through StorageInterface.parentTraversalGuard before reading the underlying file from the local storage backend. The guard onl...

7.7CVSS0.00386EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/26 8:58 p.m.38 views

CVE-2026-49869 Kestra: Unauthenticated Remote Code Execution via Authentication Bypass in `AuthenticationFilter`

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, AuthenticationFilter in Kestra OSS uses request.getPath.endsWith"/configs" to whitelist the public configuration endpoint from Basic Auth. Because the check is a suffix match rather than an exact path match...

10CVSS0.00684EPSS
Exploits2References1
CVE
CVE
added 2026/06/26 8:58 p.m.48 views

CVE-2026-49869

Kestra OSS contains an unauthenticated RCE flaw in the AuthenticationFilter prior to versions 1.0.45 and 1.3.21. The whitelist uses a suffix check (request.getPath().endsWith("/configs")) to bypass Basic Auth, so any API path ending in configs bypasses authentication. An unauthenticated attacker ...

10CVSS6.4AI score0.00684EPSS
Exploits2References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/26 8:58 p.m.9 views

CVE-2026-49869

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, AuthenticationFilter in Kestra OSS uses request.getPath.endsWith"/configs" to whitelist the public configuration endpoint from Basic Auth. Because the check is a suffix match rather than an exact path match...

10CVSS6.4AI score0.00684EPSS
Exploits2References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/26 8:57 p.m.11 views

CVE-2026-45807

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 and 1.3.19, several Kestra API endpoints accept a kestra:// URI from the client and pass it through StorageInterface.parentTraversalGuard before reading the underlying file from the local storage backend. The guard onl...

7.7CVSS6AI score0.00386EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/06/26 8:57 p.m.20 views

CVE-2026-45807

Summary: Kestra prior to versions 1.0.43 and 1.3.19 is affected by a path-traversal vulnerability. Several API endpoints accept a kestra:// URI and pass it through StorageInterface.parentTraversalGuard, which only inspects the literal URI.toString(). An URL-encoded .. ("%2E%2E") can slip through,...

7.7CVSS6AI score0.00386EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/26 8:57 p.m.49 views

CVE-2026-45807 Kestra: Path traversal via URL-encoded "%2E%2E" in execution and namespace file endpoints allows arbitrary file read

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 and 1.3.19, several Kestra API endpoints accept a kestra:// URI from the client and pass it through StorageInterface.parentTraversalGuard before reading the underlying file from the local storage backend. The guard onl...

7.7CVSS0.00386EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/26 8:55 p.m.39 views

CVE-2026-49984 Kestra: Path traversal in `LocalStorage` allows any authenticated user to read arbitrary server files via the execution file-download API (`\..\` bypasses the `..` guard)

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attacker can therefore smuggle a traversal sequence past...

7.7CVSS0.00386EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 8:55 p.m.8 views

CVE-2026-49984

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attacker can therefore smuggle a traversal sequence past...

7.7CVSS6AI score0.00386EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/06/26 8:54 p.m.40 views

CVE-2026-53576 Kestra: Unauthenticated RCE via /configs path-suffix auth-filter bypass

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the authentication filter for the REST API @Filter"/api/v1/" treats any request whose path ends in /configs as the public instance-config endpoint and forwards it without a credential check. kestra addresse...

10CVSS0.00472EPSS
Exploits2References1
CVE
CVE
added 2026/06/26 8:54 p.m.26 views

CVE-2026-53576

Kestra prior to versions 1.0.45 and 1.3.21 contained an authentication filter bypass on the REST API. Requests whose path ends in /configs were treated as the public instance-config endpoint and forwarded without credential checks, allowing anonymous access to resources such as /api/v1/{tenant}/f...

10CVSS5.8AI score0.00472EPSS
Exploits2References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/26 8:52 p.m.6 views

CVE-2026-53577

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the previewFileFromExecution endpoint GET /api/v1/tenant/executions/executionId/file/preview contains an access control bypass that allows any authenticated user to read output files from any other executio...

6.5CVSS5.9AI score0.00263EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/06/26 8:52 p.m.39 views

CVE-2026-53577 Kestra: Cross-Execution File Read via Preview Endpoint (IDOR)

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the previewFileFromExecution endpoint GET /api/v1/tenant/executions/executionId/file/preview contains an access control bypass that allows any authenticated user to read output files from any other executio...

6.5CVSS0.00263EPSS
Exploits1References1
CVE
CVE
added 2026/06/26 8:52 p.m.26 views

CVE-2026-53577

CVE-2026-53577 – Kestra : Affects the previewFileFromExecution endpoint (GET /api/v1/{tenant}/executions/{executionId}/file/preview). Before versions 1.0.45 and 1.3.21, there was an access control bypass that allowed any authenticated user to read output files from any other execution within the ...

6.5CVSS5.9AI score0.00263EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2026/06/26 8:50 p.m.37 views

CVE-2026-55069 Kestra BasicAuth Password Stored as SHA-512 Enables Offline Brute-Force Attack

Kestra is an open-source, event-driven orchestration platform. Prior to 1.3.24, this vulnerability exists in the BasicAuth authentication component of the Kestra OSS workflow orchestration platform. An attacker who gains read access to the PostgreSQL database can exploit SHA-512's high computatio...

8.7CVSS0.00158EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 8:50 p.m.8 views

CVE-2026-55069

Kestra is an open-source, event-driven orchestration platform. Prior to 1.3.24, this vulnerability exists in the BasicAuth authentication component of the Kestra OSS workflow orchestration platform. An attacker who gains read access to the PostgreSQL database can exploit SHA-512's high computatio...

8.7CVSS5.8AI score0.00158EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder