128 matches found
SUSE CVE-2026-41283
OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Mistral vulnerability (USN-8422-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8422-1 advisory. Eduardo Gonzalez Gutierrez and Arnaud Morin discovered that Mistral did not properly enforce access policies on some API endpoints...
USN-8422-1 mistral vulnerability
Eduardo Gonzalez Gutierrez and Arnaud Morin discovered that Mistral did not properly enforce access policies on some API endpoints. An attacker could possibly execute arbitrary code on a Mistral worker and possibly extract sensitive data including service credentials from it...
USN-8422-1: Mistral vulnerability
Eduardo Gonzalez Gutierrez and Arnaud Morin discovered that Mistral did not properly enforce access policies on some API endpoints. An attacker could possibly execute arbitrary code on a Mistral worker and possibly extract sensitive data including service credentials from it...
CVE-2026-41283
A flaw was found in OpenStack Mistral. When the API is exposed, a remote attacker can exploit certain endpoints to achieve arbitrary code execution. This allows the attacker to run malicious code on the system and potentially exfiltrate sensitive service credentials. Mitigation Restrict network...
Debian dsa-6333 : mistral-api - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6333 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6333-1 [email protected] https://www.debian.org/security/...
[SECURITY] [DSA 6333-1] mistral security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6333-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 09, 2026 https://www.debian.org/security/faq -...
CVE-2026-41283
OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials...
EUVD-2026-34201
OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials...
CVE-2026-41283
OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials...
CVE-2026-41283
OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials...
CVE-2026-41283
OpenStack Mistral
CVE-2026-41283
OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials...
PT-2026-46137
Name of the Vulnerable Software and Affected Versions OpenStack Mistral versions prior to 22.0.0 Description An issue exists where a policy enforcement bypass allows arbitrary remote code execution when the API is exposed. Specific API endpoints do not properly validate user-supplied inputs,...
OpenStack Mistral-Dashboard 安全漏洞
OpenStack Mistral-Dashboard is an open-source graphical interface plugin for OpenStack. OpenStack Mistral-Dashboard versions 22.0.0 and earlier have security vulnerabilities. These vulnerabilities stem from exposed API endpoints that allow code execution, potentially leading to exposure of servic...
Linux Distros Unpatched Vulnerability : CVE-2026-41283
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead t...
Malicious code in mistral-search-toolkit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4f3c615d5d39af7634550be88e5630a25b7a3dbd5bd2a8717cb01f07f06a5cd2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-4358 Malicious code in mistral-search-toolkit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4f3c615d5d39af7634550be88e5630a25b7a3dbd5bd2a8717cb01f07f06a5cd2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in mistral-workflows-plugins-webhook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e87825efe9006ca3d435869b276f0d8526a1255ec71ac6e7aa0ea1bb068b6673 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-4355 Malicious code in mistral-workflows-plugins-webhook (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e87825efe9006ca3d435869b276f0d8526a1255ec71ac6e7aa0ea1bb068b6673 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...