top of page
perceptive_background_267k.jpg

OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead t…

Published:

3 June 2026 at 22:00:00

Alert date:

4 June 2026 at 05:00:27

Source:

nvd.nist.gov

Click to open the original link from this advisory

Cloud & Virtualization

OpenStack Mistral through version 22.0.0 contains a critical vulnerability that allows arbitrary remote code execution when the API is exposed. The vulnerability exists in certain endpoints that permit code execution, potentially leading to the exfiltration of service credentials. This affects all versions up to and including 22.0.0 of the OpenStack Mistral workflow service. The vulnerability has been assigned CVE-2026-41283 and poses a significant security risk to OpenStack deployments with exposed Mistral APIs.

Technical details

Mitigation steps:

Affected products:

OpenStack Mistral

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-41283
https://github.com/openstack/mistral/tags
https://www.openwall.com/lists/oss-security/2026/06/03/14

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page