CVE-2026-41283
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/06/2026
Last modified:
08/07/2026
Description
OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials.
Impact
Base Score 3.x
9.90
Severity 3.x
CRITICAL
References to Advisories, Solutions, and Tools
- https://github.com/openstack/mistral/tags
- https://security.openstack.org/ossa/OSSA-2026-020.html
- https://www.openwall.com/lists/oss-security/2026/06/03/14
- http://www.openwall.com/lists/oss-security/2026/06/03/14
- https://access.redhat.com/security/cve/CVE-2026-41283
- https://bugzilla.redhat.com/show_bug.cgi?id=2484607
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41283.json



