CVE-2026-49869: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in kestra-io kestra
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, AuthenticationFilter in Kestra OSS uses request.getPath().endsWith("/configs") to whitelist the public configuration endpoint from Basic Auth. Because the check is a suffix match rather than an exact path match, any API path whose last segment is configs bypasses authentication entirely. An unauthenticated remote attacker can exploit this to create and execute arbitrary workflows without credentials. Because Kestra ships with script execution plugins (plugin-script-shell, plugin-script-python, etc.) enabled by default, this directly results in unauthenticated Remote Code Execution as root inside the Kestra worker container. This vulnerability is fixed in 1.0.45 and 1.3.21.
AI Analysis
Technical Summary
Kestra's AuthenticationFilter used a suffix-based check (request.getPath().endsWith("/configs")) to whitelist the public configuration endpoint from Basic Authentication. This approach incorrectly allows any API path ending with '/configs' to bypass authentication entirely. An unauthenticated attacker can exploit this to create and execute arbitrary workflows. Given that Kestra ships with script execution plugins enabled by default, this results in unauthenticated remote code execution as root inside the Kestra worker container. The issue is resolved in versions 1.0.45 and 1.3.21.
Potential Impact
An unauthenticated remote attacker can bypass authentication controls to create and execute arbitrary workflows. Due to default enabled script execution plugins, this leads to remote code execution with root privileges inside the Kestra worker container. This compromises confidentiality, integrity, and availability of the affected system, representing a critical security risk.
Mitigation Recommendations
Upgrade Kestra to version 1.0.45 or later, or 1.3.21 or later, where this vulnerability is fixed. No other mitigations are indicated. Patch status is confirmed fixed in these versions.
CVE-2026-49869: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in kestra-io kestra
Description
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, AuthenticationFilter in Kestra OSS uses request.getPath().endsWith("/configs") to whitelist the public configuration endpoint from Basic Auth. Because the check is a suffix match rather than an exact path match, any API path whose last segment is configs bypasses authentication entirely. An unauthenticated remote attacker can exploit this to create and execute arbitrary workflows without credentials. Because Kestra ships with script execution plugins (plugin-script-shell, plugin-script-python, etc.) enabled by default, this directly results in unauthenticated Remote Code Execution as root inside the Kestra worker container. This vulnerability is fixed in 1.0.45 and 1.3.21.
CVSS v3.1
Score 10.0critical
Affected software
pkg:github/kestra-io/kestraRun on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Kestra's AuthenticationFilter used a suffix-based check (request.getPath().endsWith("/configs")) to whitelist the public configuration endpoint from Basic Authentication. This approach incorrectly allows any API path ending with '/configs' to bypass authentication entirely. An unauthenticated attacker can exploit this to create and execute arbitrary workflows. Given that Kestra ships with script execution plugins enabled by default, this results in unauthenticated remote code execution as root inside the Kestra worker container. The issue is resolved in versions 1.0.45 and 1.3.21.
Potential Impact
An unauthenticated remote attacker can bypass authentication controls to create and execute arbitrary workflows. Due to default enabled script execution plugins, this leads to remote code execution with root privileges inside the Kestra worker container. This compromises confidentiality, integrity, and availability of the affected system, representing a critical security risk.
Mitigation Recommendations
Upgrade Kestra to version 1.0.45 or later, or 1.3.21 or later, where this vulnerability is fixed. No other mitigations are indicated. Patch status is confirmed fixed in these versions.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-06-01T22:03:19.641Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a3eed5627e9c79719f40532
Added to database: 06/26/2026, 21:21:26 UTC
Last enriched: 06/26/2026, 21:36:28 UTC
Last updated: 06/26/2026, 22:06:35 UTC
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.