CVE-2026-53576
CriticalCVSS 10.0Exploitation Probability (EPSS)
Low risk37th percentile — higher than 37% of all known CVEs
Summary
In Kestra before versions 1.0.45 and 1.3.21, the REST API authentication filter bypasses credential checks for requests ending in '/configs'. An unauthenticated attacker can exploit this to create flows with Shell or Process tasks that execute as root inside the container, and via the mounted /var/run/docker.sock gain access to the host Docker daemon.
Risk Assessment
The organization is at risk of complete compromise of the container and Docker host by an unauthenticated attacker, potentially leading to arbitrary code execution, data theft, or system disruption.
Recommendation
Immediately upgrade Kestra to version 1.0.45 or 1.3.21. If an upgrade is not possible, temporarily block access to REST API endpoints for unauthenticated users at the firewall or reverse proxy level.
Original NVD description (English source)
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the authentication filter for the REST API (@Filter("/api/v1/**")) treats any request whose path ends in /configs as the public instance-config endpoint and forwards it without a credential check. kestra addresses its resources by URL path segments that the caller chooses (/api/v1/{tenant}/flows/{namespace}, /api/v1/{tenant}/executions/{namespace}/{id}, /api/v1/{tenant}/namespaces/{namespace}/kv/{key}). An anonymous caller picks the literal configs as the final segment, and the request bypasses Basic-Auth entirely. Because the bypass reaches the flow-create and execution-trigger routes, an unauthenticated caller creates a flow containing a Shell or Process task and runs it. The task executes as root inside the kestra container. The official docker-compose.yml mounts /var/run/docker.sock, so root in the container reaches the host Docker daemon. This vulnerability is fixed in 1.0.45 and 1.3.21.

