CVE-2026-55069
Analyzed Analyzed - Analysis Complete

Authentication Bypass in Kestra via SHA-512 Hash Cracking

Vulnerability report for CVE-2026-55069, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-26

Last updated on: 2026-07-01

Assigner: GitHub, Inc.

Description

Kestra is an open-source, event-driven orchestration platform. Prior to 1.3.24, this vulnerability exists in the BasicAuth authentication component of the Kestra OSS workflow orchestration platform. An attacker who gains read access to the PostgreSQL database can exploit SHA-512's high computation speed to recover the administrator password offline. In Kubernetes deployments, a successful crack further enables reading of the cluster ServiceAccount Token and all K8s Secrets, achieving vertical privilege escalation. This vulnerability is fixed in 1.3.24.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-26
Last Modified
2026-07-01
Generated
2026-07-17
AI Q&A
2026-06-27
EPSS Evaluated
2026-07-16
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
kestra kestra to 1.3.24 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-916 The product generates a hash for a password, but it uses a scheme that does not provide a sufficient level of computational effort that would make password cracking attacks infeasible or expensive.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the BasicAuth authentication component of the Kestra open-source workflow orchestration platform prior to version 1.3.24. If an attacker gains read access to the PostgreSQL database, they can exploit the high computation speed of the SHA-512 hashing algorithm to recover the administrator password offline.

In Kubernetes deployments, once the attacker successfully cracks the password, they can read the cluster's ServiceAccount Token and all Kubernetes Secrets, which allows them to escalate their privileges vertically within the cluster.

Impact Analysis

The vulnerability can lead to a severe security breach. An attacker with read access to the database can recover the administrator password offline, which compromises the authentication system.

In Kubernetes environments, this can result in the attacker gaining access to sensitive cluster credentials such as ServiceAccount Tokens and Kubernetes Secrets, enabling them to escalate privileges and potentially control or disrupt the entire cluster.

Compliance Impact

This vulnerability allows an attacker with read access to the PostgreSQL database to recover the administrator password offline and potentially escalate privileges within Kubernetes environments. Such unauthorized access and privilege escalation can lead to exposure of sensitive data, including Kubernetes Secrets and ServiceAccount Tokens.

Exposure of sensitive data and unauthorized access can negatively impact compliance with common standards and regulations such as GDPR and HIPAA, which require protection of personal and sensitive information and mandate strict access controls.

Mitigation Strategies

The vulnerability is fixed in Kestra version 1.3.24. Immediate mitigation involves upgrading the Kestra OSS workflow orchestration platform to version 1.3.24 or later.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-55069. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart