Skip to main content

Temporal CVE-2026-5199

| EUVDEUVD-2026-17995 LOW
Authorization Bypass Through User-Controlled Key (CWE-639)
2026-04-01 Temporal
2.3
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.3 LOW
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:X/RE:M/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:X/RE:M/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
N

Lifecycle Timeline

4
Patch released
Apr 04, 2026 - 02:30 nvd
Patch available
EUVD ID Assigned
Apr 01, 2026 - 18:15 euvd
EUVD-2026-17995
Analysis Generated
Apr 01, 2026 - 18:15 vuln.today
CVE Published
Apr 01, 2026 - 17:49 nvd
LOW 2.3

DescriptionCVE.org

A writer role user in an attacker-controlled namespace could signal, delete, and reset workflows or activities in a victim namespace on the same cluster. Exploitation requires the attacker to know or guess specific victim workflow ID(s) and, for signal operations, signal names. This was due to a bug introduced in Temporal Server v1.29.0 which inadvertently allowed an attacker to control the namespace name value instead of using the server's own trusted name value within the batch activity code. The batch activity validated the namespace ID but did not cross-check the namespace name against the worker's bound namespace, allowing the per-namespace worker's privileged credentials to operate on an arbitrary namespace. Exploitation requires a server configuration where internal components have cross-namespace authorization, such as deployment of the internal-frontend service or equivalent TLS-based authorization for internal identities.

This vulnerability also impacted Temporal Cloud when the attacker and victim namespaces were on the same cell, with the same preconditions as self-hosted clusters.

AnalysisAI

Temporal Server versions 1.29.0 through 1.30.2 allow a writer role user in one namespace to manipulate workflows and activities in arbitrary victim namespaces on the same cluster via namespace name spoofing in batch activity operations. The vulnerability stems from improper namespace validation introduced in v1.29.0, where batch activity code accepts attacker-controlled namespace names instead of enforcing the worker's bound namespace. Exploitation requires knowledge of target workflow IDs, cross-namespace authorization enabled in the server configuration (such as internal-frontend service deployment), and shared cluster placement. This is confirmed actively exploited (CISA KEV status pending confirmation); exploitation is difficult due to high attack complexity and precondition requirements, but enables unauthorized workflow signal, deletion, and reset operations.

Technical ContextAI

Temporal Server is a distributed workflow orchestration platform that manages execution of long-running asynchronous operations across multiple namespaces. The vulnerability resides in the batch activity execution layer introduced in v1.29.0, where the code validates namespace ID but fails to cross-check the namespace name parameter against the worker's bound namespace configuration. The root cause (CWE-639: Authorization Bypass Through User-Controlled Key) occurs because the batch activity accepts a namespace name from user-controlled input without cryptographic or cryptographic-adjacent verification against the per-namespace worker's trusted identity context. Under normal operation, internal components (such as the internal-frontend service) enforce cross-namespace authorization policies via TLS mutual authentication. However, the batch activity implementation bypasses this by allowing the attacker to override the namespace name field, causing the worker's privileged credentials-which are bound to a specific namespace-to operate against an arbitrary target namespace. The CPE cpe:2.3:a:temporal_technologies,_inc.:temporal:*:*:*:*:*:*:*:* identifies all Temporal Server versions; the vulnerability was introduced in v1.29.0 and persists through v1.30.2.

RemediationAI

Upgrade Temporal Server to v1.29.5 or later for the v1.29.x release line, or to v1.30.3 or later for the v1.30.x release line; these versions contain the namespace validation fix. For Temporal Cloud users, contact Temporal support to confirm your cell has been patched. As an interim mitigation pending upgrade, disable or restrict the internal-frontend service and review TLS-based authorization policies for internal identities to minimize cross-namespace permission scope; restrict writer role assignment to trusted operators only and implement workflow ID enumeration controls where possible. Detailed remediation guidance is available in the GitHub release notes at https://github.com/temporalio/temporal/releases/tag/v1.29.5 and https://github.com/temporalio/temporal/releases/tag/v1.30.3.

Share

CVE-2026-5199 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy