CVE-2026-53576
Published: 26 June 2026
Summary
CVE-2026-53576 is a critical-severity Code Injection (CWE-94) vulnerability in Kestra Kestra. Its CVSS base score is 10.0 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 37.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-39919
Vulnerability details
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the authentication filter for the REST API (@Filter("/api/v1/**")) treats any request whose path ends in /configs as the public instance-config endpoint and forwards it without a credential check.…
more
kestra addresses its resources by URL path segments that the caller chooses (/api/v1/{tenant}/flows/{namespace}, /api/v1/{tenant}/executions/{namespace}/{id}, /api/v1/{tenant}/namespaces/{namespace}/kv/{key}). An anonymous caller picks the literal configs as the final segment, and the request bypasses Basic-Auth entirely. Because the bypass reaches the flow-create and execution-trigger routes, an unauthenticated caller creates a flow containing a Shell or Process task and runs it. The task executes as root inside the kestra container. The official docker-compose.yml mounts /var/run/docker.sock, so root in the container reaches the host Docker daemon. This vulnerability is fixed in 1.0.45 and 1.3.21.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Auth bypass on public API enables unauth flow creation/execution (T1190) with direct shell task RCE as root (T1059.004).
CVEs Like This One
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Authorizing remote access reduces the ability to bypass authentication via unauthorized alternate remote channels.
Users can identify logons via alternate paths or channels by reviewing the previous logon time.
Adaptive requirements can apply across access paths, reducing the ability to bypass authentication via alternate channels or paths.
Centralized IdPs close alternate authentication paths that enable bypass.
Enforces authentication for non-organizational users, making it harder to bypass via alternate paths or channels.
Requires authentication to occur exclusively over the isolated trusted path, directly preventing bypass via alternate or untrusted channels.
Makes persistent code injection into loaded programs impossible when the executable image itself resides on hardware-protected read-only media.
Dynamically generated code can be produced and executed inside the isolated chamber, preventing host compromise from code-injection payloads.
Hardening callouts derived
Configuration rules from DISA STIG baselines that reduce the attack surface for weaknesses of the type cited by this CVE. Derived transitively via CVE→CWE→STIG over `controls_xwalks` (authoritative rows only).
Oracle Linux 8 (2 rules)
- V-248598 There must be no ".shosts" files on the OL 8 operating system. via CWE-288
- V-248827 OL 8 must not have the rsh-server package installed. via CWE-288
Oracle Linux 9 (2 rules)
- V-271757 OL 9 file systems must not contain shosts.equiv files. via CWE-288
- V-271758 OL 9 file systems must not contain .shosts files. via CWE-288
RHEL 7 (3 rules)
- V-204424 The Red Hat Enterprise Linux operating system must not allow accounts configured with blank or null passwords. via CWE-288
- V-204440 Red Hat Enterprise Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes. via CWE-288
- V-204442 The Red Hat Enterprise Linux operating system must not have the rsh-server package installed. via CWE-288