
CrowdStrike LogScale Arbitrary File Read Vulnerability Resolved


Summary

Agenzia per la Cybersicurezza Nazionale (ACN) published an alert (AL03/260423/CSIRT-ITA) regarding a critical arbitrary file read vulnerability in CrowdStrike LogScale, identified as CVE-2026-40050. The vulnerability affects LogScale Self-Hosted versions from 1.224.0 to 1.233.0 (inclusive), 1.234.x versions prior to 1.234.1, and LTS version 1.228.1 and earlier. ACN recommends updating vulnerable products per the vendor security bulletin referenced in the alert.

“Security update resolves a vulnerability with "critical" severity in CrowdStrike LogScale.”

ACN, verbatim from source (translated from Italian)

Why this matters

Organizations using LogScale Self-Hosted should verify their deployed version against the affected version ranges and apply the security update without delay. The arbitrary file read vulnerability could expose sensitive configuration files, credentials, or data stored on the server filesystem if exploited by an unauthenticated actor.
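The version check described above can be scripted across an inventory. This is an added example, not code from ACN, GovPing or CrowdStrike; it encodes the three ranges exactly as the alert lists them, and the host names, sample versions and the decision to judge every 1.228.x build by the LTS line are assumptions.

```python
import re

# Ranges exactly as the ACN alert lists them for CVE-2026-40050.
GA_FIRST, GA_LAST = (1, 224, 0), (1, 233, 0)  # GA 1.224.0 to 1.233.0, inclusive
FIXED_1_234 = (1, 234, 1)                     # 1.234.x: before 1.234.1
LTS_LAST_AFFECTED = (1, 228, 1)               # LTS 1.228.x: 1.228.1 and earlier


def parse_version(text):
    """Return (major, minor, patch) from a string such as '1.228.1'."""
    match = re.fullmatch(r"\s*v?(\d+)\.(\d+)\.(\d+)\s*", text)
    if match is None:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in match.groups())


def listed_as_affected(version_text):
    """True when the version falls inside a range the alert lists."""
    version = parse_version(version_text)
    if version[:2] == (1, 228):
        # Assumption: every 1.228.x build is judged by the LTS line, so
        # 1.228.2 and later are not flagged although they sit numerically
        # inside the GA span.
        return version <= LTS_LAST_AFFECTED
    if version[:2] == (1, 234):
        return version < FIXED_1_234
    return GA_FIRST <= version <= GA_LAST


def hosts_to_update(inventory):
    """Return the sorted host names whose version is listed as affected."""
    return sorted(h for h, v in inventory.items() if listed_as_affected(v))


# Constructed inventory: host names and versions are sample values.
SAMPLE_INVENTORY = {
    "logscale-a.example": "1.223.0",
    "logscale-b.example": "1.228.1",
    "logscale-c.example": "1.228.2",
    "logscale-d.example": "1.233.0",
    "logscale-e.example": "1.234.0",
    "logscale-f.example": "1.234.1",
}

if __name__ == "__main__":
    for host in hosts_to_update(SAMPLE_INVENTORY):
        print(f"{host}: update per the vendor bulletin")
```

A version outside the listed ranges is reported only as "not listed", so confirm it against the vendor bulletin before treating it as fixed.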

AI-drafted from the source document, validated against GovPing's analyst note standards. For the primary regulatory language, read the source document.
Published by ACN on acn.gov.it. Detected, standardized, and enriched by GovPing. Review our methodology and editorial standards.

About this source

GovPing monitors Italy ACN News alt for new data privacy & cybersecurity regulatory changes. Every update since tracking began is archived, classified, and available as free RSS or email alerts — 3 changes logged to date.

What changed

ACN issued an alert reporting that CrowdStrike has resolved a critical arbitrary file read vulnerability in LogScale Self-Hosted (CVE-2026-40050). The vulnerability could allow an unauthenticated attacker to read arbitrary files from the server filesystem. Affected versions include LogScale Self-Hosted GA 1.224.0 to 1.233.0, 1.234.x before 1.234.1, and LTS 1.228.x version 1.228.1 and earlier. ACN classifies the systemic impact as High (66.41) and references the vendor security bulletin for mitigation steps. Organizations running affected LogScale Self-Hosted deployments should update to the patched version immediately to prevent potential unauthorized file access.

What to do next

  1. Update vulnerable products following vendor security bulletin guidance

Archived snapshot

Apr 23, 2026

GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.


CrowdStrike: vulnerability resolved in LogScale

**Alert**

AL03/260423/CSIRT-ITA

Summary

A security update resolves a vulnerability with “critical” severity in CrowdStrike LogScale. If exploited, this vulnerability could allow an unauthenticated malicious user to read arbitrary files from the server filesystem.

Type

  • Arbitrary File Read

Affected products and/or versions

  • LogScale Self-Hosted: GA versions from 1.224.0 to 1.233.0 (inclusive)
  • LogScale Self-Hosted 1.234.x: GA versions prior to 1.234.1
  • LogScale Self-Hosted LTS 1.228.x: version 1.228.1 and earlier

Mitigation actions

In line with the vendor's statements, it is recommended to update vulnerable products following the guidance in the security bulletin listed in the References section.

CVE (1)

| CVE | POC | EXPLOITATION |
| --- | --- | --- |
| CVE-2026-40050 | - | - |

References (1)

  1. https://www.crowdstrike.com/en-us/security-advisories/cve-2026-40050/

Change log

| Version | Notes | Date |
| --- | --- | --- |
| 1.0 | Published on 23-04-2026 | 23/04/2026 |

Systemic impact

High (66.41)

Publication date

23/04/26, 13:12

Last update date

23/04/26, 13:12

About this page

What's from the agency?

Source document text, dates, docket IDs, and authority are extracted directly from ACN.

What's AI-generated?

The summary, classification, recommended actions, deadlines, and penalty information are AI-generated from the original text and may contain errors. Always verify against the source document.

Classification

- Agency: ACN
- Published: April 23rd, 2026
- Instrument: Guidance
- Branch: Executive
- Source language: it
- Legal weight: Non-binding
- Stage: Final
- Change scope: Substantive

Who this affects

- Applies to: Technology companies, Government agencies, Manufacturers
- Industry sector: 5112 Software & Technology
- Activity scope: Cybersecurity vulnerability disclosure, Software patch management
- Geographic scope: IT

Taxonomy

- Primary area: Cybersecurity
- Operational domain: IT Security
- Topics: Data Privacy, Consumer Protection
