CVE-2026-55069
Status: Received - Intake
Authentication Bypass in Kestra via SHA-512 Hash Cracking

Publication date: 2026-06-26

Last updated on: 2026-06-26

Assigner: GitHub, Inc.

Description
Kestra is an open-source, event-driven orchestration platform. Prior to version 1.3.24, this vulnerability exists in the BasicAuth authentication component of the Kestra OSS workflow orchestration platform. An attacker who gains read access to the PostgreSQL database can exploit SHA-512's high computation speed to recover the administrator password offline. In Kubernetes deployments, a successful crack further enables reading of the cluster ServiceAccount Token and all K8s Secrets, achieving vertical privilege escalation. This vulnerability is fixed in 1.3.24.
Meta Information
Generated: 2026-06-27
AI Q&A generated: 2026-06-27
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor   Product   Version / Range
kestra   kestra    up to 1.3.24 (excluding 1.3.24)
CWE
CWE ID    Description
CWE-916   The product generates a hash for a password, but it uses a scheme that does not provide a sufficient level of computational effort that would make password cracking attacks infeasible or expensive.
Executive Summary

This vulnerability exists in the BasicAuth authentication component of the Kestra open-source workflow orchestration platform prior to version 1.3.24. SHA-512 is a fast general-purpose hash rather than a deliberately slow password-hashing function, so an attacker who gains read access to the PostgreSQL database can use its high computation speed to recover the administrator password offline.

In Kubernetes deployments, once the attacker successfully cracks the password, they can read the cluster's ServiceAccount Token and all Kubernetes Secrets, which allows them to escalate their privileges vertically within the cluster.

Impact Analysis

The vulnerability can lead to a severe security breach. An attacker with read access to the database can recover the administrator password offline, which compromises the authentication system.

In Kubernetes environments, this can result in the attacker gaining access to sensitive cluster credentials such as ServiceAccount Tokens and Kubernetes Secrets, enabling them to escalate privileges and potentially control or disrupt the entire cluster.

Mitigation Strategies

The vulnerability is fixed in Kestra version 1.3.24. The immediate mitigation is to upgrade the Kestra OSS workflow orchestration platform to version 1.3.24 or later.
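As an added illustration of the CWE-916 weakness and its remedy (example code written for this page, not Kestra's own implementation, which is not shown here): the bare SHA-512 pattern beside a salted, iterated PBKDF2-HMAC-SHA512 store, with a verify routine that transparently rehashes a legacy entry on a successful login and an audit helper that lists accounts still on the fast hash. The storage format, the iteration count and the assumption that a legacy entry is a 128-character hex digest are all assumptions of this example.

```python
import hashlib
import hmac
import os

# Assumed parameters for this example (not Kestra's configuration).
# 210_000 iterations follows OWASP guidance for PBKDF2-HMAC-SHA512.
PBKDF2_ITERATIONS = 210_000
SALT_BYTES = 16
HEX_DIGITS = set("0123456789abcdef")


def legacy_sha512(password: str) -> str:
    """The CWE-916 pattern: unsalted, single-round SHA-512 of the password."""
    return hashlib.sha512(password.encode()).hexdigest()


def is_legacy_hash(stored: str) -> bool:
    """Assumption: a bare 128-char hex string is a legacy SHA-512 digest."""
    s = stored.lower()
    return len(s) == 128 and set(s) <= HEX_DIGITS


def hash_password(password: str, salt: bytes = b"") -> str:
    """Salted, iterated PBKDF2-HMAC-SHA512; the format is this example's own."""
    salt = salt or os.urandom(SALT_BYTES)
    dk = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha512${PBKDF2_ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str):
    """Return (ok, replacement). replacement is a new slow hash when a legacy
    entry was verified successfully and should be rewritten in the database."""
    if is_legacy_hash(stored):
        ok = hmac.compare_digest(legacy_sha512(password), stored.lower())
        return ok, (hash_password(password) if ok else None)
    _algo, iters, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac(
        "sha512", password.encode(), bytes.fromhex(salt_hex), int(iters)
    )
    return hmac.compare_digest(dk.hex(), dk_hex), None


def audit_hashes(rows):
    """Given (username, stored_hash) rows, list accounts still on bare SHA-512."""
    return [user for user, stored in rows if is_legacy_hash(stored)]
```

Running the audit over the user table and forcing a rehash (or password reset) for every listed account is the defender's check that no fast-hash entries remain after the upgrade.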
