CVE-2026-29184

Published March 7th, 2026

View on NVD ↗

CVSS v3

LOW

CVSS v2

N/A

Affected

PROJECT

Description

Backstage is an open framework for building developer portals. Prior to version 3.1.4, a malicious scaffolder template can bypass the log redaction mechanism to exfiltrate secrets provided run through task event logs. This issue has been patched in version 3.1.4.

backstage/backstage

Backstage is an open framework for building developer portals

GitHub

33.6K