Infrastructure

vulnerability 2026-04-28
CrowdStrike LogScale CVE-2026-40050: Unauthenticated Path Traversal Reads Arbitrary Server Files
A critical 9.8 CVSS path traversal in CrowdStrike's LogScale lets unauthenticated attackers read arbitrary files from self-hosted clusters. Patch to 1.235.1, 1.234.1, 1.233.1, or 1.228.2 LTS.
crowdstrike logscale cve-2026-40050 path-traversal siem infrastructure

CrowdStrike LogScale CVE-2026-40050: Unauthenticated Path Traversal Reads Arbitrary Server Files