CVE-2026-53577 | kestra-io kestra up to 1.0.44/1.3.20 previewFileFromExecution Endpoint /api/v1 authorization (GHSA-r6v3-xxwj-9h42)

SecurityVulns

A vulnerability was found in kestra-io kestra up to 1.0.44/1.3.20. It has been classified as problematic. The affected element is an unknown function of the file /api/v1 of the component previewFileFromExecution Endpoint. The manipulation leads to incorrect authorization.

This vulnerability is referenced as CVE-2026-53577. Remote exploitation of the attack is possible. No exploit is available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More