
Masked namespace vulnerability in Temporal


Developers love "bundled" APIs. They offer atomicity and efficiency, allowing you to chain complex state changes into a single network request. Security engineers, however, should fear them. Bundling introduces complexity, and complexity is where the bugs hide.

As part of my research at depthfirst, I recently discovered a vulnerability in Temporal’s ExecuteMultiOperation endpoint (CVE-2025-14986). It was an identity-binding bug: the outer request passed authorization for one namespace, but an inner operation carried a different namespace that the server used during request preparation.

Why This Matters (What is Temporal?)

For those unfamiliar, Temporal is the backbone of durable execution for companies like Netflix, Stripe, and Datadog. It ensures code runs reliably even if servers fail. When you find a bug in Temporal, it affects the reliability layer that major companies depend on.

City Gate

The vulnerability lived in ExecuteMultiOperation, a handler designed to execute a StartWorkflow and UpdateWorkflow command in a single transaction.

When a request hits this endpoint, Temporal correctly performs an authorization check on the outer namespace. If I am authenticated as AttackerNS, the system checks my permissions, resolves my namespaceID, and opens the gate.

    // service/frontend/workflow_handler.go
    func (wh *WorkflowHandler) ExecuteMultiOperation(
        ctx context.Context,
        request *workflowservice.ExecuteMultiOperationRequest,
    ) (_ *workflowservice.ExecuteMultiOperationResponse, retError error) {
        // ...
        // 1. AUTHORIZATION: The system validates the top-level namespace
        namespaceName := namespace.Name(request.Namespace)
        namespaceID, err := wh.namespaceRegistry.GetNamespaceID(namespaceName)
        // ...
        // 2. HANDOFF: The derived namespaceID is passed downstream
        historyReq, err := wh.convertToHistoryMultiOperationRequest(namespaceID, request)

So far, so good. The guard checked my ID, and I was allowed in.
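One way to bind inner operations to the namespace that passed the outer authorization check, as an added Go sketch (not Temporal's code and not its actual fix). The types `Operation` and `MultiOperationRequest`, the function `BindOperations`, and the namespace names are hypothetical, and the sample request is constructed.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical stand-ins for a bundled request; these are not Temporal's types.
type Operation struct {
	Kind      string // e.g. "StartWorkflow" or "UpdateWorkflow"
	Namespace string // namespace carried by the inner operation
}

type MultiOperationRequest struct {
	Namespace  string // outer namespace, the only one the caller was authorized for
	Operations []Operation
}

var ErrNamespaceMismatch = errors.New("namespace does not match authorized namespace")

// BindOperations pins every inner operation to the namespace that passed
// authorization. Assumption: an empty inner namespace inherits the outer one;
// any other differing value is rejected rather than silently overwritten, so
// the mismatch surfaces as an error that can be logged and alerted on.
func BindOperations(authorizedNS string, req MultiOperationRequest) ([]Operation, error) {
	if authorizedNS == "" || req.Namespace != authorizedNS {
		return nil, fmt.Errorf("%w: outer request carries %q", ErrNamespaceMismatch, req.Namespace)
	}
	bound := make([]Operation, 0, len(req.Operations))
	for i, op := range req.Operations {
		if op.Namespace != "" && op.Namespace != authorizedNS {
			return nil, fmt.Errorf("%w: operation %d (%s) carries %q, authorized %q",
				ErrNamespaceMismatch, i, op.Kind, op.Namespace, authorizedNS)
		}
		op.Namespace = authorizedNS // downstream code reads only the bound value
		bound = append(bound, op)
	}
	return bound, nil
}

func main() {
	// Constructed sample: the second operation names a different namespace.
	req := MultiOperationRequest{Namespace: "team-a", Operations: []Operation{
		{Kind: "StartWorkflow", Namespace: "team-a"},
		{Kind: "UpdateWorkflow", Namespace: "team-b"},
	}}
	_, err := BindOperations("team-a", req)
	fmt.Println("mixed request:", err)
}
```

Running the check before any request preparation means no later code path can resolve a namespace the caller was never authorized for.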

Two Faces
