External risk intelligence

Kestra API Authentication Bypass Allows Root Container Execution

CVE advisorySeverity: CRITICAL (CVSS 10.0)

CVE-2026-53576

Kestra is an orchestration platform with a REST API intended for managing workflows and integrations. These APIs are commonly exposed to provide external access for automation, webhooks, and remote triggers, making the vulnerable endpoint reachable in typical deployments where the platform serves as an API or automation gateway.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

This advisory concerns a critical vulnerability in Kestra, an open-source platform for orchestrating workflows. The vulnerability allows unauthenticated access to sensitive API endpoints, potentially enabling an attacker to execute arbitrary code with root privileges within the Kestra container, and gain access to the host system's Docker daemon. This could lead to a complete compromise of the affected environment.

  • Unauthenticated access to critical orchestration functions.
  • Risks compromise of container and host systems.
  • Confirm relevance and scope of Kestra deployments.

Attack Path

How an attacker could exploit the issue

An unauthenticated attacker can bypass the Kestra REST API's authentication filter by crafting a specific request path. This bypass allows the attacker to create and trigger a flow that executes arbitrary code as root within the Kestra container. If the Docker socket is mounted from the host, this capability can extend to controlling the host's Docker daemon.

  • Unauthenticated network access required.
  • Request path bypasses authentication filter.
  • Root container execution, potential host control.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability could allow an unauthenticated caller to create and run a flow with a shell or process task that executes as root inside the Kestra container. When supported by the advisory's deployment configuration, this could extend to the host Docker daemon, potentially leading to broader system compromise.

  • Containerized Kestra processes.
  • Unauthenticated API requests to `/configs`.
  • Host system compromise via Docker daemon.

Operational Fix

Recommended remediation, mitigation, and detection steps

This critical vulnerability in Kestra's REST API authentication filter affects deployments where the API is exposed, potentially allowing unauthenticated attackers to execute arbitrary code as root on the host system by exploiting the `configs` endpoint. System owners and platform teams should prioritize identifying Kestra instances, assessing their exposure, and confirming business criticality. The immediate first step is to locate all Kestra deployments and determine their accessibility and operational importance, followed by a coordinated remediation plan based on the identified risk.

  • Platform/App owners should address this.
  • Verify API exposure and reachability first.
  • Plan remediation based on risk and criticality.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is Kestra and what is it used for?

Kestra is an open-source, event-driven orchestration platform used to build and automate complex data pipelines, workflows, and integrations. It allows users to manage tasks, schedule jobs, and connect various services through a REST API. Because it handles automation and remote triggers, organizations often rely on its orchestration capabilities to coordinate infrastructure and application tasks across distributed environments.

How does CVE-2026-53576 cause a security weakness?

This vulnerability is an authentication bypass, classified as CWE-288 (Authentication Bypass Using an Alternate Path or Channel) and CWE-94 (Improper Control of Generation of Code). The platform's API filter incorrectly assumes any request path ending in /configs is safe, allowing attackers to skip credential checks. Once bypassed, the attacker gains the ability to inject and run unauthorized commands, leading to arbitrary code execution.

What triggers the vulnerability in the Kestra API?

The bypass is triggered when an unauthenticated user sends a REST API request ending in the literal string /configs. Because of the flaw in the authentication filter, the system treats these requests as public and ignores authorization. Simply sending requests that do not end in /configs will not trigger this specific authentication bypass, though all API endpoints should be secured as a best practice.

Is my deployment at risk according to Halo Surface Signal?

Halo Surface Signal flags this as a likely risk because Kestra is frequently deployed with its REST API exposed to the internet to facilitate webhooks, automation, and remote triggers. If your Kestra instance is reachable from external networks, it is directly exposed to this threat. You should prioritize assessing your environment if your API gateway is accessible to non-internal users or external systems.

How do I secure my Kestra installation?

The first step is to identify all running instances of Kestra and determine which are accessible over the network. Since this issue is addressed in versions 1.0.45 and 1.3.21, the primary technical fix is to upgrade your software to one of these versions immediately. After upgrading, verify your network access controls to ensure that only trusted sources can reach your API endpoints.

References