
CrowdStrike Falcon LogScale vulnerability: find impacted assets

ID: a3b4f52d-978b-52ca-b2b8-d246f64242f1

STIX ID: report--a3b4f52d-978b-52ca-b2b8-d246f64242f1

Feed Name: runZero Blog

Threat Score: 75/100

Date Published: 2026-04-22

Date Updated: 2026-04-29

Author: Matthew Kienow


CrowdStrike disclosed CVE-2026-40050, a critical (CVSS 9.1) unauthenticated path traversal in self-hosted Falcon LogScale (formerly Humio) that can be exploited via a cluster API endpoint to read arbitrary files on the server filesystem. Affected versions include LogScale GA 1.224.0–1.234.0 and LTS 1.228.0/1.228.1. CrowdStrike and the associated guidance recommend immediate upgrades to the specified patched versions and provide a runZero query to locate potentially impacted assets.
