CVE-2026-53576 | kestra-io kestra up to 1.0.44/1.3.20 /api/v1 code injection (GHSA-2q47-568g-9h4f)

SecurityVulns

A vulnerability classified as critical was found in kestra-io kestra up to 1.0.44/1.3.20. Affected by this issue is some unknown functionality of the file /api/v1. The manipulation results in code injection.

This vulnerability is known as CVE-2026-53576. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More