top of page
perceptive_background_267k.jpg

OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead t…

Published:

3 juni 2026 om 22:00:00

Alert date:

4 juni 2026 om 05:00:27

Source:

nvd.nist.gov

Click to open the original link from this advisory

Cloud & Virtualization

OpenStack Mistral through version 22.0.0 contains a critical vulnerability that allows arbitrary remote code execution when the API is exposed. The vulnerability exists in certain endpoints that permit code execution, potentially leading to the exfiltration of service credentials. This affects all versions up to and including 22.0.0 of the OpenStack Mistral workflow service. The vulnerability has been assigned CVE-2026-41283 and poses a significant security risk to OpenStack deployments with exposed Mistral APIs.

Technical details

Mitigation steps:

Affected products:

OpenStack Mistral

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-41283
https://github.com/openstack/mistral/tags
https://www.openwall.com/lists/oss-security/2026/06/03/14

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page