CVE ID :CVE-2026-49869 Published : June 26, 2026, 8:58 p.m. | 4 hours, 13 minutes ago Description :Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, AuthenticationFilter in Kestra OSS uses request.getPath().endsWith("/configs") to whitelist the public...

#Sicherheitslücke

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-49869 - Kestra: Unauthenticated Remote Code Execution via Authentication Bypass in `AuthenticationFilter`

VERWANDTEARTIKEL

CVE-2026-56414 - H.VIEW HV-500S6 IP Camera Unrestricted Upload of File with Dangerous Type

CVE-2026-55975 - H.VIEW HV-500S6 IP Camera OS Command Injection

CVE-2026-31928 - Daktronics Controller Firmware Use of Hard-coded Credentials

CVE-2026-33560 - Daktronics Controller Firmware Unrestricted Upload of File with Dangerous Type

CVE-2026-28701 - Daktronics Controller Firmware Path Traversa

CVE-2026-53576 - Kestra: Unauthenticated RCE via /configs path-suffix auth-filter bypass