Orkes Conductor unauth RCE (CVE-2026-58138) [PoC]
CVE-2026-58138
CVE-2026-58138 is a critical (CVSS 9.8) unauthenticated remote code execution vulnerability in Orkes Conductor versions 3.21.21 through 3.30.1. An attacker with network access to the workflow API can execute arbitrary OS commands on the server without any credentials. Exploitation is confirmed and a public proof-of-concept exists. The issue is fixed in version 3.30.2; update immediately.
Overview
CVE-2026-58138 affects Orkes Conductor, a workflow orchestration platform. The workflow-definition API accepts and processes submitted definitions before any authentication check, so an unauthenticated remote attacker can submit a malicious workflow definition. Such a definition can carry inline JavaScript or Python expressions, and Conductor evaluates them with GraalVM polyglot evaluators that are not sandboxed.
The vulnerability exists because those GraalVM evaluators are built with HostAccess.ALL or allowAllAccess(true). With either setting a guest script can look up and call arbitrary Java classes on the host (for example through Java.type(...) in GraalJS), so every expression the evaluator runs is effectively arbitrary Java code. The task types that hand an expression to the evaluator are INLINE and LAMBDA (script expressions), DO_WHILE (the loop condition) and SWITCH (the case expression); through any of them an attacker can invoke system commands by Java reflection or by direct subprocess calls such as java.lang.ProcessBuilder.
The CVSS base score is 9.8 (Critical): the attack is network-reachable and low complexity, and it needs neither privileges nor user interaction.
Impact
Successful exploitation gives the attacker control of the Conductor server at the privilege level of the service process; the public proof-of-concept reports root. The attacker can execute any OS command, read sensitive data such as workflow inputs and credentials held by the server, modify workflow definitions, install persistent backdoors, or pivot to internal network resources. Because no credentials are needed, any instance whose workflow API is reachable from the internet is at immediate risk, and instances reachable only internally are still exploitable by anyone on that network.
Remediation
Immediate Action: Upgrade Orkes Conductor to version 3.30.2 or later. The fix restricts the evaluators' host access so that workflow expressions can no longer reach arbitrary Java classes.
Mitigation Steps:
- Verify your Orkes Conductor version in the admin console or via the API, and compare it numerically rather than as a string (3.30.1 is affected, 3.30.2 is fixed).
- If you cannot patch immediately, restrict network access to the workflow API endpoint to trusted addresses. Treat this as a stopgap: the defect is in how submitted definitions are evaluated, not only in who may submit them, so anyone who can still reach the endpoint from the trusted network can exploit it.
- Review how the GraalVM evaluator contexts are built: look for Context.newBuilder(...).allowAllAccess(true) or allowHostAccess(HostAccess.ALL), and related grants such as allowHostClassLookup, in any custom evaluator or fork you run, and remove them. On an unpatched release the shipped evaluator already grants this access, so a configuration review does not substitute for the upgrade.
- Monitor workflow-definition submissions (creates and updates through the metadata API) for INLINE, LAMBDA, DO_WHILE and SWITCH tasks whose expressions reference Java host classes, for example Java.type(, java.lang.ProcessBuilder or java.lang.Runtime. Legitimate workflow expressions operate on the task input ($.…) and almost never name a Java class.
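The following scanner is an added detection example for the monitoring step above and for the four task types named in the Overview; it is not Orkes or Conductor code and is not taken from the proof-of-concept repository. It walks a workflow definition, including tasks nested under FORK_JOIN branches, SWITCH cases and DO_WHILE loops, reports every task that hands an expression to the evaluator, and raises the finding to high severity when the expression references Java host classes. The field names it reads (type, inputParameters.evaluatorType, inputParameters.expression, scriptExpression, expression, loopCondition, forkTasks, decisionCases, defaultCase, loopOver) follow Conductor's documented workflow-definition format but are an assumption to confirm against the version you run; the sample workflow is constructed for the example.

```python
"""Scan a Conductor workflow definition for script-bearing tasks.

Added detection example, not Orkes/Conductor code. Field names follow
Conductor's documented workflow-definition format (assumption: confirm
against your version). The sample workflow at the bottom is constructed.
"""
import json
import re

# Task types that hand an expression to the GraalVM evaluator (per the advisory).
SCRIPT_TASK_TYPES = {"INLINE", "LAMBDA", "DO_WHILE", "SWITCH"}

# Tokens that only work if the guest script can reach Java host classes
# (HostAccess.ALL / allowAllAccess(true)); in a workflow expression they
# are a strong signal of an exploitation attempt rather than business logic.
HOST_ACCESS_PATTERN = re.compile(
    r"Java\.type\s*\(|java\.lang\.(?:ProcessBuilder|Runtime)|getRuntime\s*\(|\.exec\s*\("
)


def task_expressions(task):
    """Return (field, expression) pairs for every script field a task carries."""
    found = []
    params = task.get("inputParameters") or {}
    for field in ("expression", "scriptExpression"):  # INLINE / LAMBDA
        if isinstance(params.get(field), str):
            found.append((f"inputParameters.{field}", params[field]))
    # SWITCH: top-level expression is a script unless evaluatorType is value-param.
    if isinstance(task.get("expression"), str) and task.get("evaluatorType") != "value-param":
        found.append(("expression", task["expression"]))
    if isinstance(task.get("loopCondition"), str):  # DO_WHILE
        found.append(("loopCondition", task["loopCondition"]))
    return found


def iter_tasks(tasks, path="tasks"):
    """Yield (path, task) for every task, descending into nested task lists."""
    for i, task in enumerate(tasks):
        here = f"{path}[{i}]"
        yield here, task
        for branch in task.get("forkTasks") or []:  # FORK_JOIN branches
            yield from iter_tasks(branch, here + ".forkTasks")
        for case, branch in (task.get("decisionCases") or {}).items():  # SWITCH cases
            yield from iter_tasks(branch, f"{here}.decisionCases[{case}]")
        yield from iter_tasks(task.get("defaultCase") or [], here + ".defaultCase")
        yield from iter_tasks(task.get("loopOver") or [], here + ".loopOver")  # DO_WHILE body


def scan_workflow(definition):
    """Return one finding per script field on a script-bearing task.

    severity "high": the expression references Java host classes.
    severity "info": script-bearing task (attack surface) without host tokens.
    """
    findings = []
    for path, task in iter_tasks(definition.get("tasks") or []):
        ttype = task.get("type")
        if ttype not in SCRIPT_TASK_TYPES:
            continue
        for field, expr in task_expressions(task):
            hit = HOST_ACCESS_PATTERN.search(expr)
            findings.append({
                "path": path,
                "taskReferenceName": task.get("taskReferenceName"),
                "type": ttype,
                "field": field,
                "evaluatorType": (task.get("inputParameters") or {}).get("evaluatorType")
                                 or task.get("evaluatorType"),
                "severity": "high" if hit else "info",
                "match": hit.group(0) if hit else None,
            })
    return findings


# Constructed sample: a benign INLINE task, a SWITCH task, and an INLINE task
# nested in a SWITCH case whose expression reaches for a Java host class.
SAMPLE_WORKFLOW = json.loads("""
{
  "name": "order_fulfilment", "version": 1,
  "tasks": [
    {"name": "compute_total", "taskReferenceName": "compute_total", "type": "INLINE",
     "inputParameters": {"evaluatorType": "graaljs",
                         "expression": "$.items.reduce((a, b) => a + b.price, 0)"}},
    {"name": "route", "taskReferenceName": "route", "type": "SWITCH",
     "evaluatorType": "javascript", "expression": "$.region == 'eu' ? 'eu' : 'other'",
     "decisionCases": {
       "eu": [
         {"name": "probe", "taskReferenceName": "probe", "type": "INLINE",
          "inputParameters": {"evaluatorType": "graaljs",
                              "expression": "var PB = Java.type('java.lang.ProcessBuilder');"}}
       ]
     },
     "defaultCase": []}
  ]
}
""")

if __name__ == "__main__":
    for f in scan_workflow(SAMPLE_WORKFLOW):
        print(f["severity"].upper(), f["path"], f["type"], f["field"], f["match"])
```

Run it against the JSON body of each workflow-definition create or update as it arrives (or over the stored definitions on an instance you suspect was exposed). The "info" findings are the evaluator attack surface you would want to inventory anyway; a "high" finding on an unpatched 3.21.21 through 3.30.1 instance should be treated as an intrusion indicator, since nothing in a normal workflow needs a Java class.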
Security Insight
This vulnerability highlights a recurring pattern in workflow and automation platforms: exposing a script evaluation engine before authentication. Similar issues have been seen in Apache NiFi and Node-RED, where inline expression evaluation becomes an RCE vector when sandboxing is missing or misconfigured. The combination here, an endpoint reachable without credentials feeding an evaluator with full host access, suggests Orkes Conductor's security review process needs to include pre-authentication attack-surface analysis for every API endpoint that accepts user-controlled code.
Public PoC References
Unverified third-party code
These repositories are publicly listed on GitHub and have not been audited by Yazoul Security. They may contain malware, backdoors, destructive payloads, or operational security risks (telemetry, exfiltration). Treat them as hostile binaries. Inspect source before execution. Run only in isolated, disposable lab environments (offline VM, no credentials, no production data).
Authorized use only. This information is provided for defensive research, detection engineering, and patch validation. Using exploit code against systems you do not own or do not have explicit written permission to test is illegal in most jurisdictions and violates Yazoul's terms of use.
| Repository | Description | Stars |
|---|---|---|
| BiiTts/CVE-2026-58138-Conductor-Unauth-RCE | CVE-2026-58138 — Conductor (3.21.21..<3.30.2) unauthenticated RCE via INLINE GraalVM evaluator (HostAccess.ALL). Lab + PoC, verified e2e (root). | ★ 0 |
Showing 1 of 1 known references. Source: nomi-sec/PoC-in-GitHub.