Lucene search
K

6 matches found

NVD
NVD
added 6 hours ago5 views

CVE-2026-23537

A vulnerability has been identified in the Feast Feature Server’s /save-document endpoint that allows an unauthenticated remote attacker to write arbitrary JSON files to the server's filesystem. Although the system attempts to restrict file locations, these protections can be bypassed, enabling a...

9.1CVSS
Exploits0References3
Cvelist
Cvelist
added 7 hours ago4 views

CVE-2026-23537 Feast: unauthenticated arbitrary file write

A vulnerability has been identified in the Feast Feature Server’s /save-document endpoint that allows an unauthenticated remote attacker to write arbitrary JSON files to the server's filesystem. Although the system attempts to restrict file locations, these protections can be bypassed, enabling a...

9.1CVSS
Exploits0References3
EUVD
EUVD
added 7 hours ago5 views

EUVD-2026-40997

A vulnerability has been identified in the Feast Feature Server’s /save-document endpoint that allows an unauthenticated remote attacker to write arbitrary JSON files to the server's filesystem. Although the system attempts to restrict file locations, these protections can be bypassed, enabling a...

9.1CVSS6.2AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/20 10:20 p.m.3 views

CVE-2026-23537

A vulnerability has been identified in the Feast Feature Server’s /save-document endpoint that allows an unauthenticated remote attacker to write arbitrary JSON files to the server's filesystem. Although the system attempts to restrict file locations, these protections can be bypassed, enabling a...

9.1CVSS6AI score
Exploits0References3
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.11 views

Red Hat OpenShift AI 安全漏洞

Red Hat OpenShift AI is an AI lifecycle management platform developed by Red Hat Inc. There is a security vulnerability in Red Hat OpenShift AI, which stems from improper endpoint access control at the /save-document endpoint. This vulnerability could allow unverified remote attackers to write...

6AI score
Exploits0References1
Snyk
Snyk
added 2026/03/20 12:0 a.m.6 views

Missing Authorization

Overview feast is a Python SDK for Feast Affected versions of this package are vulnerable to Missing Authorization via the /save-document endpoint. An attacker can modify system files, overwrite configuration or startup scripts, or execute arbitrary code by sending crafted requests to write...

9.1CVSS6.2AI score
Exploits0References2
Rows per page
Query Builder