BIT-MINIO-2026-42600 MinIO: Path Traversal via msgpack Body in `ReadMultiple` Storage-REST Endpoint
MinIO is a high-performance object storage system. From 2022.07.24 to before 2026.04.14, A path traversal vulnerability in MinIO's ReadMultiple internode storage-REST endpoint allows a caller holding the cluster root JWT to read files from outside the configured drive roots, bounded only by the...