{"id":235920,"date":"2026-04-26T12:08:00","date_gmt":"2026-04-26T16:08:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/26\/critical-bug-in-crowdstrike-logscale-let-attackers-access-files\/"},"modified":"2026-04-26T13:40:14","modified_gmt":"2026-04-26T17:40:14","slug":"critical-bug-in-crowdstrike-logscale-let-attackers-access-files","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/26\/critical-bug-in-crowdstrike-logscale-let-attackers-access-files\/","title":{"rendered":"Critical bug in CrowdStrike LogScale let attackers access files"},"content":{"rendered":"<p><a href=\"https:\/\/securityaffairs.com\/191343\/hacking\/critical-bug-in-crowdstrike-logscale-let-attackers-access-files.html\">Critical bug in CrowdStrike LogScale let attackers access files<\/a><\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/191343\/hacking\/critical-bug-in-crowdstrike-logscale-let-attackers-access-files.html\">https:\/\/securityaffairs.com\/191343\/hacking\/critical-bug-in-crowdstrike-logscale-let-attackers-access-files.html<\/a><\/p>\n<p>Publish Date: 2026-04-26 12:08:00<\/p>\n<p>Source Domain: <a href=\"https:\/\/securityaffairs.com\/\">securityaffairs.com<\/a><\/p>\n<h2>Critical bug in CrowdStrike LogScale let attackers access files<\/h2>\n<p><span>Pierluigi Paganini<\/span><br \/>\n<span>April 26, 2026<\/span><\/p>\n<p><img decoding=\"async\" class=\"img-fluid mb-4\" src=\"https:\/\/i0.wp.com\/securityaffairs.com\/wp-content\/uploads\/2024\/07\/image-22.png?fit=900%2C500&#038;ssl=1\" alt=\"\"\/><\/p>\n<h2 class=\"wp-block-heading\">CrowdStrike fixed CVE-2026-40050 in LogScale self-hosted, a critical flaw allowing unauthenticated file access via path traversal.<\/h2>\n<p>CrowdStrike recently disclosed a critical
vulnerability, tracked as CVE-2026-40050, affecting its LogScale self-hosted product. The flaw enables unauthenticated path traversal, which could allow a remote attacker to read arbitrary files from the server filesystem.<\/p>\n<p>\u201cCrowdStrike has released security updates to address a critical unauthenticated path traversal vulnerability in LogScale. This vulnerability only requires mitigation by customers that host specific versions of LogScale and does not affect Next-Gen SIEM customers,\u201d reads the advisory published by the cybersecurity firm. \u201cThe vulnerability exists in a specific cluster API endpoint that, if exposed, allows a remote attacker to read arbitrary files from the server filesystem without authentication.\u201d<\/p>\n<p>CrowdStrike LogScale is a log management and observability platform designed to help organizations collect, search, and analyze large volumes of machine data in real time.<\/p>\n<p>It ingests logs from systems, applications, cloud services, and security tools, then makes them searchable almost instantly using a high-performance indexing architecture. This is particularly useful for security operations centers (SOCs), where fast investigation of alerts and incidents matters.<\/p>\n<p>CrowdStrike confirmed that Next-Gen SIEM customers are not affected. LogScale SaaS users were protected on April 7, 2026 through network-layer mitigations applied across all clusters. The company is not aware of attacks exploiting this vulnerability. However, self-hosted LogScale customers must urgently upgrade to a patched version.
The flaw was discovered internally through continuous product testing, highlighting proactive security&#8230;<\/p>\n<p><a href=\"https:\/\/securityaffairs.com\/191343\/hacking\/critical-bug-in-crowdstrike-logscale-let-attackers-access-files.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Critical bug in CrowdStrike LogScale let attackers access files https:\/\/securityaffairs.com\/191343\/hacking\/critical-bug-in-crowdstrike-logscale-let-attackers-access-files.html Publish Date: 2026-04-26 12:08:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":235921,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2024\/07\/image-22.png","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,27],"class_list":["post-235920","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/235920"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=235920"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/235920\/revisions"}],"predecessor-version":[{"id":235922,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/235920\/revisions\/235922"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/235921"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-
json\/wp\/v2\/media?parent=235920"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=235920"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=235920"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}