A missing authorization check in Backstage's unprocessed entities endpoints allows any authenticated user to read unprocessed entity records regardless of ownership. The vulnerability exists in the @backstage/plugin-catalog-backend-module-unprocessed package prior to version 0.6.11. The CVSS 3.1 vector indicates network attack vector, low attack complexity, low privileges required, no user interaction, un [truncated]
CVE-2026-29186 is a high-severity configuration bypass vulnerability in the Backstage Plugin-Techdocs-Node. The vulnerability allows attackers to craft an mkdocs.yml file that causes arbitrary Python code execution, completely bypassing TechDocs' security controls. This issue has been patched in version 1.14.3. The vulnerability has a CVSS score of 7.7 and is considered high severity. The vulnerability wa [truncated]
CVE-2026-25153 is a high-severity vulnerability in the Backstage developer portal framework. The vulnerability affects @backstage/plugin-techdocs-node versions prior to 1.13.11 and 1.14.1. An attacker can exploit this vulnerability by submitting or modifying a repository's mkdocs.yml file to execute arbitrary Python code on the TechDocs build server via MkDocs hooks configuration. The fix introduces an al [truncated]
CVE-2026-24046 is a high-severity vulnerability affecting Backstage, an open framework for building developer portals. Multiple Scaffolder actions and archive extraction utilities were vulnerable to symlink-based path traversal attacks. An attacker with access to create and execute Scaffolder templates could exploit symlinks to read arbitrary files, delete arbitrary files, and write files outside the work [truncated]