CVE-2026-29186
HIGH
GHSA-928r-fm4v-mvrw
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L
Lifecycle Timeline
3Description
Backstage is an open framework for building developer portals. Prior to version 1.14.3, this is a configuration bypass vulnerability that enables arbitrary code execution. The @backstage/plugin-techdocs-node package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an mkdocs.yml that causes arbitrary Python code execution, completely bypassing TechDocs' security controls. This issue has been patched in version 1.14.3.
Analysis
Backstage Plugin-Techdocs-Node versions up to 1.14.3 contains a vulnerability that allows attackers to craft an mkdocs (CVSS 7.7).
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all Backstage instances and identify those running Techdocs-Node versions ≤1.14.3; assess whether external or untrusted users can submit mkdocs content. Within 7 days: Implement network segmentation to restrict Backstage access to authorized personnel only; disable Techdocs-Node plugin if not operationally critical. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today