2 matches found
Milvus - Unauthenticated Metrics API Access
Milvus 2.5.27 and 2.6.10 contains an authentication bypass caused by weak default token and unauthenticated REST API on TCP port 9091, letting attackers perform arbitrary expression evaluation and data manipulation, exploit requires network access to port 9091. id: CVE-2026-26190 info: name: Milv...
CVE-2026-26190
creationtimestamp| type| source ---|---|--- 2026-02-11 11:40:49+00:00| published-proof-of-concept| https://github.com/milvus-io/milvus/security/advisories/GHSA-7ppg-37fh-vcr6 2026-02-13 19:22:24+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mera57cpvr2m 2026-02-14...