{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-53576: Kestra: Unauthenticated RCE via /configs path-suffix auth-filter bypass","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-53576","status":"final","version":"1","initial_release_date":"2026-06-26T20:54:08.282Z","current_release_date":"2026-06-26T20:54:08.282Z","revision_history":[{"date":"2026-06-26T20:54:08.282Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the authentication filter for the REST API (@Filter(\"/api/v1/**\")) treats any request whose path ends in /configs as the public instance-config endpoint and forwards it without a credential check. kestra addresses its resources by URL path segments that the caller chooses (/api/v1/{tenant}/flows/{namespace}, /api/v1/{tenant}/executions/{namespace}/{id}, /api/v1/{tenant}/namespaces/{namespace}/kv/{key}). An anonymous caller picks the literal configs as the final segment, and the request bypasses Basic-Auth entirely. Because the bypass reaches the flow-create and execution-trigger routes, an unauthenticated caller can create a flow containing a Shell or Process task and run it, giving arbitrary command execution with no credentials. The task executes as root inside the kestra container. The official docker-compose.yml mounts /var/run/docker.sock, so root in the container reaches the host Docker daemon, which is the step that escalates a container compromise to host compromise; deployments that do not mount the Docker socket confine the impact to the Kestra container itself. 
This vulnerability is fixed in 1.0.45 and 1.3.21.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-53576 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-53576"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-53576"},{"category":"external","summary":"https://github.com/kestra-io/kestra/security/advisories/GHSA-2q47-568g-9h4f","url":"https://github.com/kestra-io/kestra/security/advisories/GHSA-2q47-568g-9h4f"}]},"product_tree":{"branches":[{"category":"vendor","name":"kestra-io","branches":[{"category":"product_name","name":"kestra","branches":[{"category":"product_version","name":"< 1.0.45","product":{"name":"kestra-io kestra < 1.0.45","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:kestra-io:kestra:*:*:*:*:*:*:*:*"}}},{"category":"product_version","name":">= 1.1.0, < 1.3.21","product":{"name":"kestra-io kestra >= 1.1.0, < 1.3.21","product_id":"CSAFPID-2","product_identification_helper":{"cpe":"cpe:2.3:a:kestra-io:kestra:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-53576","title":"Kestra: Unauthenticated RCE via /configs path-suffix auth-filter bypass","notes":[{"category":"description","text":"Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the authentication filter for the REST API (@Filter(\"/api/v1/**\")) treats any request whose path ends in /configs as the public instance-config endpoint and forwards it without a credential check. kestra addresses its resources by URL path segments that the caller chooses (/api/v1/{tenant}/flows/{namespace}, /api/v1/{tenant}/executions/{namespace}/{id}, /api/v1/{tenant}/namespaces/{namespace}/kv/{key}). An anonymous caller picks the literal configs as the final segment, and the request bypasses Basic-Auth entirely. 
Because the bypass reaches the flow-create and execution-trigger routes, an unauthenticated caller can create a flow containing a Shell or Process task and run it, giving arbitrary command execution with no credentials. The task executes as root inside the kestra container. The official docker-compose.yml mounts /var/run/docker.sock, so root in the container reaches the host Docker daemon, which is the step that escalates a container compromise to host compromise; deployments that do not mount the Docker socket confine the impact to the Kestra container itself. This vulnerability is fixed in 1.0.45 and 1.3.21.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1","CSAFPID-2"]},"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10,"baseSeverity":"CRITICAL"},"products":["CSAFPID-1","CSAFPID-2"]}],"remediations":[{"category":"vendor_fix","details":"Upgrade to Kestra 1.0.45 (1.0.x line) or 1.3.21 (1.1.x-1.3.x line); these are the fixed versions named in the description and in the upstream advisory GHSA-2q47-568g-9h4f. Until the upgrade is applied: restrict network access to /api/v1 so that only trusted clients can reach it (for example, put the API behind an authenticating reverse proxy that does not rely on the request path), and do not mount /var/run/docker.sock into the Kestra container, since that mount is what turns container-root command execution into control of the host Docker daemon.","product_ids":["CSAFPID-1","CSAFPID-2"]}]}]}