HIGH🇵🇱 Wersja polska

CVE-2026-29186

CVSS 7.7v3.1pub. 2026-03-07upd. 2026-06-30

Backstage is an open framework for building developer portals. Prior to version 1.14.3, this is a configuration bypass vulnerability that enables arbitrary code execution. The @backstage/plugin-techdocs-node package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an mkdocs.yml that causes arbitrary Python code execution, completely bypassing TechDocs' security controls. This issue has been patched in version 1.14.3.

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L
  • Linuxfoundation Backstage Plugin Techdocs Node

    APP
    Linuxfoundation
    < 1.14.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2026-53488CRITICAL9.4ten sam vendor

containerd is an open-source container runtime. In versions prior to 1.7.33, 2.3.2, 2.2.5, 2.1.9, and 2.0.10 t...

CVE-2026-44477CRITICAL9.4PL ✓ten sam vendor

CloudNativePG: eskalacja uprawnień do superużytkownika PostgreSQL przez metrics exporter

CVE-2026-37531CRITICAL9.8PL ✓ten sam vendor

AGL app-framework-main: Zip Slip + TOCTOU umożliwiają zapis dowolnych plików

CVE-2026-32604CRITICAL9.9PL ✓ten sam vendor

RCE w Spinnaker — wykonanie dowolnych poleceń na podach clouddriver

CVE-2026-32613CRITICAL9.9PL ✓ten sam vendor

Spinnaker Echo: nieograniczony dostęp SPeL umożliwia RCE