CVE 9.8 CRITICAL

CrowdStrike LogScale Unauthenticated Path Traversal_CVE-2026-40050

April 21, 2026 invoker category_cve

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

CrowdStrike has released security updates to address a critical unauthenticated path traversal vulnerability (CVE-2026-40050) in LogScale. This vulnerability only requires mitigation by customers that host specific versions of LogScale and does not affect Next-Gen SIEM customers. The vulnerability exists in a specific cluster API endpoint that, if exposed, allows a remote attacker to read arbitrary files from the server filesystem without authentication.

Next-Gen SIEM customers are not affected and do not need to take any action. CrowdStrike mitigated the vulnerability for LogScale SaaS customers by deploying network-layer blocks to all clusters on April 7, 2026. We have proactively reviewed all log data and there is no evidence of exploitation.

LogScale Self-hosted customers should upgrade to a patched version immediately to remediate the vulnerability.

CrowdStrike identified this vulnerability during continuous and ongoing product testing.

AI Analysis

Unauthenticated path traversal vulnerability allowing remote attackers to read arbitrary files from the server filesystem

Basic Information

ID CVE-2026-40050

Source CrowdStrike

Published Apr 21, 2026 at 16:48

Modified Apr 21, 2026 at 17:25

Affected Product

Vendor CrowdStrike

Product LogScale Self-Hosted

Version 1.224.0

Affected Versions CrowdStrike LogScale Self-Hosted 1.224.0

CWE Classification

CWE-306 CWE-22

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor CrowdStrike

Product LogScale

Version 1.224.0

References

www.crowdstrike.com /en-us/security-advisories/cve-2026-40050/

{
    "lastseen": "",
    "description": "CrowdStrike has released security updates to address a critical unauthenticated path traversal vulnerability (CVE-2026-40050) in LogScale. This vulnerability only requires mitigation by customers that host specific versions of LogScale and does not affect Next-Gen SIEM customers. The vulnerability exists in a specific cluster API endpoint that, if exposed, allows a remote attacker to read arbitrary files from the server filesystem without authentication.\n\nNext-Gen SIEM customers are not affected and do not need to take any action. CrowdStrike mitigated the vulnerability for LogScale SaaS customers by deploying network-layer blocks to all clusters on April 7, 2026. We have proactively reviewed all log data and there is no evidence of exploitation.\n\nLogScale Self-hosted customers should upgrade to a patched version immediately to remediate the vulnerability.\n\nCrowdStrike identified this vulnerability during continuous and ongoing product testing.",
    "published": "2026-04-21T16:48:24.722Z",
    "modified": "2026-04-21T17:25:29.299Z",
    "type": "cve",
    "title": "CrowdStrike LogScale Unauthenticated Path Traversal",
    "source": "CrowdStrike",
    "references": "https://www.crowdstrike.com/en-us/security-advisories/cve-2026-40050/",
    "id": "CVE-2026-40050",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306",
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "CrowdStrike LogScale Self-Hosted 1.224.0",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "LogScale Self-Hosted",
    "version": "1.224.0",
    "vendor": "CrowdStrike",
    "ai_description": "Unauthenticated path traversal vulnerability allowing remote attackers to read arbitrary files from the server filesystem",
    "ai_severity": "Critical",
    "ai_vendor": "CrowdStrike",
    "ai_product": "LogScale",
    "ai_version": "1.224.0",
    "ai_score": 9.8
}

💭 Join the Security Discussion ❌ Cancel Reply