Description

The frontend gRPC server's streaming interceptor chain did not include the authorization interceptor. When a ClaimMapper and Authorizer are configured, unary RPCs enforce authentication and authorization, but the streaming AdminService/StreamWorkflowReplicationMessages endpoint accepted requests without credentials. This endpoint is registered on the same port as WorkflowService and cannot be disabled independently. An attacker with network access to the frontend port could open the replication stream without authentication. Data exfiltration is possible, but  only when a configured replication target is correctly configured and the attacker has knowledge of the cluster configuration, as the history service validates cluster IDs and peer membership before returning replication data. Temporal Cloud is not affected.

INFO

Published Date :

2026-04-10T21:06:31.788Z

Last Modified :

2026-04-10T21:22:30.134Z

Source :

Temporal
AFFECTED PRODUCTS

The following products are affected by CVE-2026-5724 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-5724.

URL Resource
https://github.com/temporalio/temporal/releases/tag/v1.28.4 cve-icon cve-icon
https://github.com/temporalio/temporal/releases/tag/v1.29.6 cve-icon cve-icon
https://github.com/temporalio/temporal/releases/tag/v1.30.4 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability