CVE-2026-40050 - Vulnerability Analysis
CriticalCVSS: 9.8Last Updated: April 21, 2026
CrowdStrike LogScale - Path Traversal
Overview
CrowdStrike LogScale contains a path traversal caused by an exposed cluster API endpoint, letting remote unauthenticated attackers read arbitrary files from the server filesystem, exploit requires exposed vulnerable API endpoint.
Severity & Score
Impact
Remote unauthenticated attackers can read arbitrary files on the server, potentially exposing sensitive information.
Mitigation
LogScale Self-hosted customers should upgrade to the latest patched version immediately.
Social Media Activity(2 posts)
š“ CVE-2026-40050 - Critical (9.8) CrowdStrike has released security updates to address a critical unauthenticated path traversal vulnerability (CVE-2026-40050) in LogScale. This vulnerability only requires mitigation by customers that host specific versions of LogScale and does no... š https://www.thehackerwire.com/vulnerability/CVE-2026-40050/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š“ CVE-2026-40050 - Critical (9.8) CrowdStrike has released security updates to address a critical unauthenticated path traversal vulnerability (CVE-2026-40050) in LogScale. This vulnerability only requires mitigation by customers that host specific versions of LogScale and does no... š https://www.thehackerwire.com/vulnerability/CVE-2026-40050/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-40050
- Severity
- Critical
- CVSS Score
- 9.8
- Type
- path_traversal
- Status
- new
- EPSS
- 0.0%
- Social Posts
- 2
CWE
- CWE-22
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H