Known Vulnerabilities for products from Kestra
Listed below are 3 of the newest known vulnerabilities associated with the vendor "Kestra".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-55069 json | Not Provided | 2026-06-26 | 2026-06-26 | |
| CVE-2026-53577 json | Not Provided | 2026-06-26 | 2026-06-27 | |
| CVE-2026-53576 json | Not Provided | 2026-06-26 | 2026-06-26 | |
| CVE-2026-49984 json | Not Provided | 2026-06-26 | 2026-06-26 | |
| CVE-2026-49869 json | Not Provided | 2026-06-26 | 2026-06-26 | |
| CVE-2026-48129 json | Not Provided | 2026-06-19 | 2026-06-23 | |
| CVE-2026-45807 json | Not Provided | 2026-06-26 | 2026-06-26 | |
| CVE-2026-38428 json | Kestra v1.3.3 and before is vulnerable to SQL Injection. The vulnerability occurs because user-controlled input from a GET pa... | Not Provided | 2026-05-05 | 2026-05-08 |
| CVE-2026-34612 json | Kestra is an open-source, event-driven orchestration platform. Prior to version 1.3.7, Kestra (default docker-compose deploym... | Not Provided | 2026-04-03 | 2026-04-13 |
| CVE-2026-33664 json | Kestra is an open-source, event-driven orchestration platform Versions up to and including 1.3.3 render user-supplied flow YA... | Not Provided | 2026-03-26 | 2026-03-31 |