
CrowdStrike LogScale CVE-2026-40050

EUVD-2026-24164 | CRITICAL
Path Traversal (CWE-22)
2026-04-21 | 13ddcd98-6f4a-40a8-8e24-29ca0aee4661 | GHSA-q4qj-hj7m-7jgx
CVSS 3.1 base score: 9.8

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline (5 events)

Apr 22, 2026 - 21:37 (vuln.today): Re-analysis Queued (reason: cvss_changed)
Apr 21, 2026 - 17:35 (vuln.today): Analysis Generated
Apr 21, 2026 - 17:22 (euvd): EUVD ID Assigned (EUVD-2026-24164)
Apr 21, 2026 - 17:22 (vuln.today): Analysis Generated
Apr 21, 2026 - 17:16 (nvd): CVE Published (CRITICAL 9.8)

Description (NVD)

CrowdStrike has released security updates to address a critical unauthenticated path traversal vulnerability (CVE-2026-40050) in LogScale. This vulnerability only requires mitigation by customers that host specific versions of LogScale and does not affect Next-Gen SIEM customers. The vulnerability exists in a specific cluster API endpoint that, if exposed, allows a remote attacker to read arbitrary files from the server filesystem without authentication.

Next-Gen SIEM customers are not affected and do not need to take any action. CrowdStrike mitigated the vulnerability for LogScale SaaS customers by deploying network-layer blocks to all clusters on April 7, 2026. We have proactively reviewed all log data and there is no evidence of exploitation.

LogScale Self-hosted customers should upgrade to a patched version immediately to remediate the vulnerability.

CrowdStrike identified this vulnerability during continuous and ongoing product testing.

Analysis (AI)

Unauthenticated path traversal in CrowdStrike LogScale cluster API allows remote attackers to read arbitrary files from server filesystems. Affects only self-hosted LogScale deployments with specific vulnerable versions; Next-Gen SIEM customers are not impacted. …


Remediation (AI)

Within 24 hours: Inventory all self-hosted CrowdStrike LogScale deployments and verify their version numbers against the affected-versions list in the CrowdStrike advisory. Within 7 days: Implement network segmentation to restrict LogScale cluster API access to trusted internal networks only; disable external API accessibility if it is currently enabled. …



CVE-2026-40050 vulnerability details – vuln.today
