SUSE CVE-2026-34204

MinIO is a high-performance object storage system. Prior to version RELEASE.2026-03-26T21-24-40Z, a flaw in extractMetadataFromMime allows any authenticated user with s3:PutObject permission to inject internal server-side encryption metadata into objects by sending crafted X-Minio-Replication-...

BIT-MINIO-2026-34204 MinIO is Vulnerable to SSE Metadata Injection via Replication Headers

MinIO is a high-performance object storage system. Prior to version 2026.03.26, a flaw in extractMetadataFromMime allows any authenticated user with s3:PutObject permission to inject internal server-side encryption metadata into objects by sending crafted X-Minio-Replication- headers on a normal...

CLSA-2026-1775224807 Fix of 95 CVEs

CVE-2025-39683 - tracing: Remove unneeded goto out logic CVE-2025-39683 - tracing: Limit access to parser-buffer when tracegetuser failed CVE-2025-39683 CVE-2025-38079 - crypto: algifhash - fix double free in hashaccept CVE-2025-38079 CVE-2025-38159 - wifi: rtw88: fix the 'para' buffer size to...

JLSEC-2026-24

It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the searchpath during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the...

GO-2026-4896 MinIO is Vulnerable to SSE Metadata Injection via Replication Headers in github.com/minio/minio

MinIO is Vulnerable to SSE Metadata Injection via Replication Headers in github.com/minio/minio...

PT-2026-29942

MinIO is Vulnerable to SSE Metadata Injection via Replication Headers in github.com/minio/minio...

CVE-2026-34204

MinIO is a high-performance object storage system. Prior to version RELEASE.2026-03-26T21-24-40Z, a flaw in extractMetadataFromMime allows any authenticated user with s3:PutObject permission to inject internal server-side encryption metadata into objects by sending crafted X-Minio-Replication-...

Dell AppSync 安全漏洞

Dell AppSync is a data replication management application developed by the American company Dell. Version 4.6.0 of Dell AppSync contains a security vulnerability, which stems from an issue with UNIX symbolic links causing information tampering...

CVE-2026-34204

MinIO is a high-performance object storage system. Prior to version RELEASE.2026-03-26T21-24-40Z, a flaw in extractMetadataFromMime allows any authenticated user with s3:PutObject permission to inject internal server-side encryption metadata into objects by sending crafted X-Minio-Replication-...

CVE-2026-34204 MinIO is Vulnerable to SSE Metadata Injection via Replication Headers

MinIO is a high-performance object storage system. Prior to version RELEASE.2026-03-26T21-24-40Z, a flaw in extractMetadataFromMime allows any authenticated user with s3:PutObject permission to inject internal server-side encryption metadata into objects by sending crafted X-Minio-Replication-...

CVE-2026-34204

MinIO is vulnerable to SSE metadata injection via replication headers (CVE-2026-34204). Affected component is cmd/handler-utils.go, extractMetadataFromMime(). An authenticated user with s3:PutObject permission can send crafted X-Minio-Replication-* headers (without X-Minio-Source-Replication-Requ...

CVE-2026-34204

MinIO is a high-performance object storage system. Prior to version RELEASE.2026-03-26T21-24-40Z, a flaw in extractMetadataFromMime allows any authenticated user with s3:PutObject permission to inject internal server-side encryption metadata into objects by sending crafted X-Minio-Replication-...

CVE-2026-34204 MinIO is Vulnerable to SSE Metadata Injection via Replication Headers

MinIO is a high-performance object storage system. Prior to version RELEASE.2026-03-26T21-24-40Z, a flaw in extractMetadataFromMime allows any authenticated user with s3:PutObject permission to inject internal server-side encryption metadata into objects by sending crafted X-Minio-Replication-...

CVE-2026-34204

MinIO is a high-performance object storage system. Prior to version RELEASE.2026-03-26T21-24-40Z, a flaw in extractMetadataFromMime allows any authenticated user with s3:PutObject permission to inject internal server-side encryption metadata into objects by sending crafted X-Minio-Replication-...

MinIO 授权问题漏洞

MinIO is an open-source object storage server developed by the American company MinIO. This product supports the creation of infrastructures for machine learning, analysis, and application data workloads. Versions prior to MinIO RELEASE.2026-03-26T21-24-40Z contained an authorization vulnerabilit...

GHSA-3RH2-V3GR-35P9 MinIO is Vulnerable to SSE Metadata Injection via Replication Headers

Impact What kind of vulnerability is it? Who is impacted? A flaw in extractMetadataFromMime allows any authenticated user with s3:PutObject permission to inject internal server-side encryption metadata into objects by sending crafted X-Minio-Replication- headers on a normal PutObject request. The...

Missing Authorization

Overview github.com/minio/minio is a high performance object storage server compatible with Amazon S3 APIs. Affected versions of this package are vulnerable to Missing Authorization via the extractMetadataFromMime function. An attacker can make objects permanently unreadable by injecting crafted...

MinIO is Vulnerable to SSE Metadata Injection via Replication Headers

Impact What kind of vulnerability is it? Who is impacted? A flaw in extractMetadataFromMime allows any authenticated user with s3:PutObject permission to inject internal server-side encryption metadata into objects by sending crafted X-Minio-Replication- headers on a normal PutObject request. The...

PT-2026-28605

Name of the Vulnerable Software and Affected Versions MinIO versions prior to RELEASE.2026-03-26T21-24-40Z Description A flaw in the extractMetadataFromMime function allows any authenticated user with s3:PutObject permission to inject internal server-side encryption metadata into objects. This is...

CVE-2026-21671

A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution RCE in high availability HA deployments of Veeam Backup & Replication...