Skip to main content

Kestra CVE-2026-45807

| EUVDEUVD-2026-39921 HIGH
Path Traversal (CWE-22)
2026-06-26 GitHub_M
7.7
CVSS 3.1 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
7.7 HIGH
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
vuln.today AI
7.7 HIGH

Network API reachable (AV:N) with simple encoded-traversal payload (AC:L), requires a low-privilege authenticated execution account (PR:L), no interaction; reads host/cross-tenant files beyond the storage authority (S:C, C:H) with no integrity or availability impact.

3.1 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Patch available
Jun 26, 2026 - 23:02 EUVD
Analysis Generated
Jun 26, 2026 - 21:53 vuln.today

DescriptionCVE.org

Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 and 1.3.19, several Kestra API endpoints accept a kestra:// URI from the client and pass it through StorageInterface.parentTraversalGuard before reading the underlying file from the local storage backend. The guard only inspects the literal URI.toString(), so a URL-encoded .. written as %2E%2E slips through. The downstream code then calls URI.getPath(), which decodes %2E%2E back to .., and the resulting path is handed to Paths.get(...) without normalization. The OS resolves the .. segments at open(2) time, so an authenticated user with a single execution can read any file the Kestra process has access to on the host filesystem (/etc/passwd, mounted secrets, other tenants' execution outputs, etc.). This vulnerability is fixed in 1.0.43 and 1.3.19.

AnalysisAI

Arbitrary file read in Kestra orchestration platform (versions prior to 1.0.43 and 1.3.19) lets an authenticated user with execution privileges read any file accessible to the Kestra process via a URL-encoded path-traversal in kestra:// storage URIs. The parentTraversalGuard checks only the literal URI string, so %2E%2E bypasses it before URI.getPath() decodes it back to '..', exposing /etc/passwd, mounted secrets, and other tenants' execution outputs. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to Kestra with execution rights
Delivery
Submit kestra:// URI with %2E%2E-encoded traversal
Exploit
Bypass parentTraversalGuard literal check
Execution
URI.getPath() decodes to '..' path
Persist
OS resolves traversal at file open
Impact
Read host files, secrets, cross-tenant outputs

Vulnerability AssessmentAI

Exploitation Exploitation requires an authenticated Kestra account with privileges to create or run at least one execution (CVSS PR:L), and the target instance must be running a vulnerable version (prior to 1.0.43 or 1.3.19) using the local storage backend that resolves kestra:// URIs through StorageInterface.parentTraversalGuard. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The supplied CVSS:3.1 vector (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N = 7.7 High) indicates a network-reachable, low-complexity attack requiring only low privileges and no user interaction, with high confidentiality impact and a scope change - consistent with the description's claim that any authenticated user with one execution can read host files and cross tenant boundaries. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who holds a low-privilege Kestra account creates or triggers an execution and submits a kestra:// URI containing a URL-encoded traversal such as kestra://...%2E%2E%2E%2E/etc/passwd; the guard passes the literal string but URI.getPath() decodes it, and the OS resolves the '..' to read the target file. The same technique reads mounted Kubernetes/Docker secrets or other tenants' execution outputs, exfiltrating credentials usable for further compromise. …
Remediation Upgrade to a patched release: Kestra 1.0.43 for the 1.0.x branch or 1.3.19 for the 1.3.x branch (Vendor-released patch: 1.0.43 and 1.3.19), as documented in advisory GHSA-3529-p4wf-xp79 (https://github.com/kestra-io/kestra/security/advisories/GHSA-3529-p4wf-xp79). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify and document all Kestra deployments and their current versions. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-45807 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy