671 matches found
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Tuzitio Camaleon_Cms
HTB Facts — Full Writeup Difficulty: Medium OS: Lin...
MinIO Browser API - Server-Side Request Forgery
MinIO Browser API before version RELEASE.2021-01-30T00-20-58Z contains a server-side request forgery vulnerability. id: CVE-2021-21287 info: name: MinIO Browser API - Server-Side Request Forgery author: pikpikcu severity: high description: MinIO Browser API before version...
MinIO - Incomplete Signature Validation for Unsigned-Trailer Uploads
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. The signature component of the authorization may be invalid, which would mean that as a client you can use any arbitrary secret to upload objects given the user already has prior WRITE permissions on...
MinIO Operator Console Authentication Bypass
MinIO Console is a graphical user interface for the for MinIO Operator. MinIO itself is a multi-cloud object storage project. Affected versions are subject to an authentication bypass issue in the Operator Console when an external IDP is enabled. id: CVE-2021-41266 info: name: MinIO Operator...
CVE-2026-42151 vulnerabilities
Vulnerabilities for packages: prometheus, minio...
GHSA-WG65-39GG-5WFJ vulnerabilities
Vulnerabilities for packages: prometheus, minio...
GHSA-WG65-39GG-5WFJ vulnerabilities
Vulnerabilities for packages: minio, ld-relay, minio-fips, prometheus-fips, ld-relay-fips, prometheus...
CVE-2026-42151 vulnerabilities
Vulnerabilities for packages: minio, ld-relay, minio-fips, prometheus-fips, ld-relay-fips, prometheus...
MAL-2026-4813 Malicious code in noteparse (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 270d4c797fe34bc0b9598608f45add8721f1fa80d1488e4fae750e3a7b38419e noteparse 1.1.27 ships live MinIO credentials in configReader.py endpoint uicfile.uniview.com, accesskey 'uicpro', secretkey 'uicpropass123' that are...
Malicious code in noteparse (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 270d4c797fe34bc0b9598608f45add8721f1fa80d1488e4fae750e3a7b38419e noteparse 1.1.27 ships live MinIO credentials in configReader.py endpoint uicfile.uniview.com, accesskey 'uicpro', secretkey 'uicpropass123' that are...
MinIO Cluster Deployment - Information Disclosure
MinIO is susceptible to information disclosure. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including MINIOSECRETKEY and MINIOROOTPASSWORD. An attacker can potentially obtain sensitive...
CVE-2026-42154 vulnerabilities
Vulnerabilities for packages: prometheus, minio...
GHSA-XH8F-G2QW-GCM7 vulnerabilities
Vulnerabilities for packages: minio...
CVE-2026-42600 vulnerabilities
Vulnerabilities for packages: minio...
GHSA-8RM2-7QQF-34QM vulnerabilities
Vulnerabilities for packages: prometheus, minio...
GHSA-8RM2-7QQF-34QM vulnerabilities
Vulnerabilities for packages: minio, ld-relay, minio-fips, prometheus-fips, ld-relay-fips, prometheus...
CVE-2026-42154 vulnerabilities
Vulnerabilities for packages: minio, ld-relay, minio-fips, prometheus-fips, ld-relay-fips, prometheus...
GHSA-XH8F-G2QW-GCM7 vulnerabilities
Vulnerabilities for packages: minio, minio-fips...
CVE-2026-42600 vulnerabilities
Vulnerabilities for packages: minio, minio-fips...
CLEANSTART-2026-SE34232 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-40179, CVE-2026-42499, CVE-2026-42501, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-p436-gjf2-799p applied in versions: 7.1.1-r10, 7.1.1-r7, 7.1.1-r8, 7.1.1-r9
Multiple security vulnerabilities affect the minio-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...