Temporal Server: batcher worker cross-namespace authorization bypass (BatchActivityWithProtobuf)
What's the vulnerability?
The original NVD blurb and several early advisories claimed a frontend gRPC cross-namespace signal bypass. That vector is incorrect — the public frontend authorization interceptor correctly validates Request.Namespace against the caller's claims on both v1.29.4 and v1.29.5.
The actual vulnerability lives in the per-namespace batcher worker (service/worker/batcher/activities.go). BatchActivityWithProtobuf receives a BatchOperationInput protobuf and, on v1.29.4, calls checkNamespaceID(batchParams.NamespaceId). This validates only the namespace ID field, but the activity then forwards batchParams.Request.Namespace (a namespace name) to the internal frontend client. The internal frontend runs with NoopClaimMapper → RoleAdmin, so any namespace string supplied by the attacker is executed unconditionally.
An attacker who holds a valid auth token (writer role) for namespace A can submit a batch operation whose protobuf carries:
NamespaceId = the worker-bound ID for namespace A (passes checkNamespaceID)
Request.Namespace = the name of victim namespace B
The batcher worker then signals, cancels, terminates, or resets workflows in namespace B without re-validating the caller's authorization for B.
Exploiting the bug requires authentication (valid credentials for at least one namespace on the cluster). It affects multi-tenant clusters that expose batch operations. The impact is an integrity violation against victim workflows (signal/reset/terminate), not data exfiltration.
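To make the missing check concrete, here is an added Go sketch (not Temporal's code) contrasting the ID-only validation described above with a check that also resolves Request.Namespace to an ID and requires it to match the worker's bound namespace. The struct types, the name-to-ID registry and the namespace values are constructed stand-ins.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical stand-ins for the batch input fields named in the advisory.
type BatchRequest struct {
	Namespace string // namespace name forwarded to the internal frontend
}
type BatchOperationInput struct {
	NamespaceId string
	Request     BatchRequest
}

// Constructed name -> ID registry standing in for the server's namespace registry.
var registry = map[string]string{
	"namespace-a": "id-aaaa",
	"namespace-b": "id-bbbb",
}
var errMismatch = errors.New("request namespace does not match activity namespace")

// checkNamespaceIDVulnerable mirrors the ID-only behaviour described above:
// only NamespaceId is compared to the worker's bound namespace, so a
// Request.Namespace naming a different namespace is never examined.
func checkNamespaceIDVulnerable(workerNamespaceID string, in BatchOperationInput) error {
	if in.NamespaceId != workerNamespaceID {
		return errors.New("wrong namespace id")
	}
	return nil
}

// checkNamespaceHardened additionally resolves Request.Namespace to its ID
// and rejects the batch unless it is the namespace the worker is bound to.
func checkNamespaceHardened(workerNamespaceID string, in BatchOperationInput) error {
	if err := checkNamespaceIDVulnerable(workerNamespaceID, in); err != nil {
		return err
	}
	id, ok := registry[in.Request.Namespace]
	if !ok {
		return fmt.Errorf("unknown namespace %q", in.Request.Namespace)
	}
	if id != workerNamespaceID {
		return errMismatch
	}
	return nil
}
```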
Root Cause Analysis
Variant Analysis
Verify with pruva-verify
Run the Pruva CLI to automatically fetch and execute the reproduction script.
pruva-verify REPRO-2026-00184
pruva-verify CVE-2026-5199
curl -fsSL https://pruva.dev/install.sh | sh
Or Run Manually
Download the script
curl -O https://pruva.dev/api/v1/reproductions/REPRO-2026-00184/artifacts/bundle/repro/reproduction_steps.sh
Make executable
chmod +x reproduction_steps.sh
Run the script
./reproduction_steps.sh
How Pruva Reproduced This
Watch the AI agent's step-by-step process.