High severity7.4NVD Advisory· Published May 7, 2026· Updated May 8, 2026

CVE-2026-40213

Description

OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless of roles, project membership, or scope. An authenticated user with zero role assignments can complete various actions such as reprogramming FPGA bitstreams on arbitrary compute nodes via agent RPC.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
openstack-cyborgPyPI	< 16.0.1	16.0.1

Affected products

OpenStack/Cyborginferred
Range: <16.0.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/advisories/GHSA-mm7j-mhhj-hj36ghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2026-40213ghsaADVISORY
bugs.launchpad.net/openstack-cyborg/+bug/2143263nvdWEB
security.openstack.org/ossa/OSSA-2026-011.htmlnvdWEB
www.openwall.com/lists/oss-security/2026/05/07/6nvdWEB

News mentions

No linked articles in our index yet.

cvss	0.481
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000