Description
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the authentication filter for the REST API (@Filter("/api/v1/**")) treats any request whose path ends in /configs as the public instance-config endpoint and forwards it without a credential check. kestra addresses its resources by URL path segments that the caller chooses (/api/v1/{tenant}/flows/{namespace}, /api/v1/{tenant}/executions/{namespace}/{id}, /api/v1/{tenant}/namespaces/{namespace}/kv/{key}). An anonymous caller picks the literal configs as the final segment, and the request bypasses Basic-Auth entirely. Because the bypass reaches the flow-create and execution-trigger routes, an unauthenticated caller creates a flow containing a Shell or Process task and runs it. The task executes as root inside the kestra container. The official docker-compose.yml mounts /var/run/docker.sock, so root in the container reaches the host Docker daemon. This vulnerability is fixed in 1.0.45 and 1.3.21.
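The suffix rule described above, as an added example (not Kestra's code): the vulnerable "ends in /configs" check next to an exact-match replacement, and a small access-log scan that flags unauthenticated requests the suffix rule would have let through. The public endpoint path /api/v1/configs, the log layout and the log lines are assumptions or constructed for this illustration.

```python
"""Vulnerable suffix check beside a hardened exact-match check for the
auth-filter defect above, plus an access-log scan that flags requests the
suffix rule would have let through. Assumption: the public instance-config
endpoint is /api/v1/configs (the advisory confirms only the /api/v1/ prefix)."""
import re

API_PREFIX = "/api/v1/"
PUBLIC_CONFIG_PATH = "/api/v1/configs"  # assumed location of the public endpoint


def is_public_config_vulnerable(path: str) -> bool:
    """Pre-fix behaviour: any /api/v1 path ending in /configs is treated as public."""
    return path.startswith(API_PREFIX) and path.endswith("/configs")


def is_public_config_fixed(path: str) -> bool:
    """Hardened check: drop the query string, collapse duplicate and trailing
    slashes, then require an exact match on the one public route."""
    normalized = re.sub(r"/+", "/", path.split("?", 1)[0]).rstrip("/")
    return normalized == PUBLIC_CONFIG_PATH


# Constructed sample access log (common-log-like layout); the remote-user
# field is "-" when the request carried no credentials.
LOG_RE = re.compile(
    r'^\S+ \S+ (?P<user>\S+) \[[^\]]*\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
SAMPLE_LOG = """\
10.0.0.5 - admin [26/Jun/2026:20:00:01 +0000] "GET /api/v1/configs HTTP/1.1" 200
10.0.0.9 - - [26/Jun/2026:20:00:02 +0000] "GET /api/v1/configs HTTP/1.1" 200
10.0.0.9 - - [26/Jun/2026:20:00:03 +0000] "POST /api/v1/main/flows/configs HTTP/1.1" 200
10.0.0.9 - - [26/Jun/2026:20:00:04 +0000] "GET /api/v1/main/namespaces/myns/kv/configs HTTP/1.1" 200
10.0.0.7 - - [26/Jun/2026:20:00:05 +0000] "POST /api/v1/main/flows/configs HTTP/1.1" 401
"""


def suspicious_requests(log_text: str) -> list[tuple[str, str, str]]:
    """Return (method, path, status) for unauthenticated requests that the
    suffix rule accepts but the exact-match rule rejects. A 200 on such a
    line means the instance served it; a 401 means it was rejected."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["user"] != "-":
            continue
        path = m["path"]
        if is_public_config_vulnerable(path) and not is_public_config_fixed(path):
            hits.append((m["method"], path, m["status"]))
    return hits
```

Run the scan over your own API access logs to see whether any unauthenticated request under /api/v1/ with a trailing /configs segment was answered with a 2xx before the upgrade.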
Published: 2026-06-26
Score: 10 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An authentication filter bug in Kestra’s REST API allows any request whose path ends with /configs to bypass credential checks, enabling an unauthenticated caller to create flows with Shell or Process tasks and execute them as the root user inside the container. The vulnerability can lead to full host compromise because the container typically has the host Docker socket mounted, giving root inside the container direct control over the Docker daemon. This flaw is a classic example of unauthenticated access to privileged resources leading to code execution and is classified as CWE-288 and CWE-94.

Affected Systems

The issue affects Kestra-IO’s Kestra platform in all deployments running version 1.0.44 or older and 1.3.20 or older, before the vendor released the 1.0.45 and 1.3.21 fixes. Any installation that exposes the /api/v1/ endpoints without proper access control is vulnerable.

Risk and Exploitability

The CVSS score is 10, indicating the highest possible severity, and the lack of an EPSS score or KEV listing does not diminish the risk; administrators should treat this flaw as highly exploitable. Attackers would send a simple HTTP request to the public API, exploit the bypass, create a privileged flow, and achieve remote code execution on the host with root privileges if the container mounts the Docker socket. Mitigation must be applied immediately.

Generated by OpenCVE AI on June 26, 2026 at 22:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Kestra to version 1.0.45 or newer, or 1.3.21 or later.
  • If immediate upgrade is not possible, restrict external access to the /api/v1/ endpoints and enforce authentication or IP-based firewall rules to block unauthenticated callers.
  • Re-configure or remove the host Docker socket mount and run the Kestra container without root privileges or in rootless mode.

Generated by OpenCVE AI on June 26, 2026 at 22:22 UTC.

Advisories

No advisories yet.

History

Fri, 26 Jun 2026 21:30:00 +0000

Type | Values Removed | Values Added
Description | | Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the authentication filter for the REST API (@Filter("/api/v1/**")) treats any request whose path ends in /configs as the public instance-config endpoint and forwards it without a credential check. kestra addresses its resources by URL path segments that the caller chooses (/api/v1/{tenant}/flows/{namespace}, /api/v1/{tenant}/executions/{namespace}/{id}, /api/v1/{tenant}/namespaces/{namespace}/kv/{key}). An anonymous caller picks the literal configs as the final segment, and the request bypasses Basic-Auth entirely. Because the bypass reaches the flow-create and execution-trigger routes, an unauthenticated caller creates a flow containing a Shell or Process task and runs it. The task executes as root inside the kestra container. The official docker-compose.yml mounts /var/run/docker.sock, so root in the container reaches the host Docker daemon. This vulnerability is fixed in 1.0.45 and 1.3.21.
Title | | Kestra: Unauthenticated RCE via /configs path-suffix auth-filter bypass
Weaknesses | | CWE-288, CWE-94
References | |
Metrics | | cvssV3_1 {'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}



MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-26T20:54:08.282Z

Reserved: 2026-06-09T19:11:53.484Z

Link: CVE-2026-53576

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-26T22:30:04Z

Weaknesses
  • CWE-288

    Authentication Bypass Using an Alternate Path or Channel

  • CWE-94

    Improper Control of Generation of Code ('Code Injection')