{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/woodpecker-ci-v3/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"id":"CVE-2026-50141"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Woodpecker CI v3"],"_cs_severities":["high"],"_cs_tags":["privilege-escalation","vulnerability","grpc","ci-cd"],"_cs_type":"advisory","_cs_vendors":["Woodpecker CI"],"content_html":"\u003cp\u003eA significant security flaw, tracked as CVE-2026-50141, was discovered in the gRPC communication layer of Woodpecker CI, a continuous integration platform. This vulnerability enabled any authenticated Woodpecker agent to effectively impersonate another agent residing on the same server. The core issue stemmed from the server's handling of \u003ccode\u003eagent_id\u003c/code\u003e metadata within gRPC requests. While the server correctly validated the JSON Web Token (JWT) provided by the client, it erroneously prioritized a client-supplied \u003ccode\u003eagent_id\u003c/code\u003e value over the verified identity derived from the JWT. This design flaw meant that a malicious or compromised agent could forge its identity, bypassing security controls and gaining unauthorized access to resources or executing actions typically reserved for the impersonated agent. The vulnerability impacts Woodpecker CI v3 versions, specifically from 3.0.0 up to, but not including, 3.14.1. This could lead to severe consequences for organizations using affected versions, including unauthorized code execution, data exfiltration, or disruption of CI/CD pipelines.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker gains authenticated access as any legitimate, potentially low-privileged, Woodpecker agent to the CI server.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a gRPC request, intending to perform an action or access resources.\u003c/li\u003e\n\u003cli\u003eWithin the gRPC request metadata, the attacker injects a forged \u003ccode\u003eagent_id\u003c/code\u003e value corresponding to a target agent they wish to impersonate.\u003c/li\u003e\n\u003cli\u003eThe malicious gRPC request is sent to the Woodpecker CI server.\u003c/li\u003e\n\u003cli\u003eThe server receives the request and correctly verifies the JWT token, confirming the attacker's original, legitimate agent identity.\u003c/li\u003e\n\u003cli\u003eDuring subsequent processing, the server \u003cem\u003eincorrectly\u003c/em\u003e discards the verified agent identity from the JWT.\u003c/li\u003e\n\u003cli\u003eThe server then prioritizes and accepts the forged \u003ccode\u003eagent_id\u003c/code\u003e supplied in the gRPC metadata by the attacker.\u003c/li\u003e\n\u003cli\u003eThe server executes the requested action or grants access to resources as if the request originated from the impersonated target agent, leading to unauthorized operations or privilege escalation.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-50141 allows an attacker to achieve cross-tenant agent impersonation within a Woodpecker CI environment. This can lead to significant unauthorized access and control over CI/CD pipelines, potentially enabling malicious actors to trigger builds, deploy unauthorized code, access sensitive repositories, or exfiltrate intellectual property. Organizations using affected versions of Woodpecker CI (v3.0.0 through v3.14.0) are at risk of severe operational disruption and data breaches. While no specific victim count or targeted sector is provided, any organization leveraging Woodpecker CI for their development workflows is a potential target.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ePatch CVE-2026-50141 immediately\u003c/strong\u003e: Upgrade Woodpecker CI v3 to version 3.14.1 or later to apply the necessary security patches mentioned in the references.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eImplement workarounds if patching is not immediate\u003c/strong\u003e: As a temporary mitigation, disable organization agents by setting \u003ccode\u003eWOODPECKER_DISABLE_USER_AGENT_REGISTRATION=true\u003c/code\u003e and delete any existing organization agents.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eReview logs for unusual gRPC activity\u003c/strong\u003e: While specific detection rules are challenging for this vulnerability, monitor Woodpecker CI server logs for any anomalies in agent behavior or unexpected actions attributed to specific agents, particularly after an agent has been authenticated.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-14T19:18:50Z","date_published":"2026-07-14T19:18:50Z","id":"https://feed.craftedsignal.io/briefs/2026-07-woodpecker-grpc-agent-impersonation/","summary":"A high-severity vulnerability (CVE-2026-50141) in Woodpecker CI's gRPC layer allowed any authenticated agent to impersonate any other agent on the same server by injecting a forged `agent_id` into gRPC metadata, leading to potential privilege escalation and unauthorized access within CI/CD pipelines.","title":"Woodpecker CI gRPC Vulnerability Allows Cross-Tenant Agent Impersonation (CVE-2026-50141)","url":"https://feed.craftedsignal.io/briefs/2026-07-woodpecker-grpc-agent-impersonation/"}],"language":"en","title":"CraftedSignal Threat Feed - Woodpecker CI V3","version":"https://jsonfeed.org/version/1.1"}