CVE-2026-50141— Woodpecker gRPC agent_id metadata can be spoofed- cross-tenant agent impersonation
Possible ATT&CK Techniques 1AI
T1136.003 · Cloud AccountAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| woodpecker-ci | woodpecker | >= 3.0.0, < 3.14.1 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-50141
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Woodpecker gRPC agent_id metadata can be spoofed- cross-tenant agent impersonation
Source: NVD (National Vulnerability Database)
Vulnerability Description
Woodpecker is a CI/CD engine. Starting in version 3.0.0 and prior to version 3.14.1, a vulnerability in Woodpecker CI's gRPC layer allowed any authenticated agent to impersonate any other agent on the same server by injecting a forged `agent_id` value into outgoing gRPC metadata. The server correctly verified the JWT token but then discarded the verified agent identity in favor of the client-supplied value. Version 3.14.1 patches the issue. As a workaround, disable org agents (`WOODPECKER_DISABLE_USER_AGENT_REGISTRATION=true`) and delete existing ones.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用欺骗进行的认证绕过
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| woodpecker-ci | woodpecker | >= 3.0.0, < 3.14.1 | - |
II. Public POCs for CVE-2026-50141
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-50141
请登录查看更多情报信息。
Patches & Fixes for CVE-2026-50141 (2)
Vendor Advisories for CVE-2026-50141 (1)
Proof of Concept for CVE-2026-50141 (1)
Other References for CVE-2026-50141 (1)
- 🔗 Page not found · GitHub · GitHubx_refsource_MISC
IV. Related Vulnerabilities
Same weakness: CWE-290
- CVE-2026-25119
Gogs: Authentication Bypass via Unvalidated Reverse Proxy He - CVE-2026-47381
NocoDB: Cross-Workspace Integration Use in Connection Test - CVE-2026-54308
n8n: Missing Token Validation on Microsoft Agent 365 Trigger - CVE-2026-56357
n8n - Webhook Forgery via Missing HMAC-SHA256 Signature Veri - CVE-2026-49468
LiteLLM: Authentication Bypass via Host Header Injection
V. Comments for CVE-2026-50141
No comments yet