
Yinglin Xie

#25765 of 53,633
9.8 Total CVSS
Vulnerabilities · 1
PT-2026-8025
9.8
2026-02-11
Milvus · Milvus · CVE-2026-26190
**Name of the Vulnerable Software and Affected Versions**

- Milvus versions prior to 2.5.27
- Milvus versions prior to 2.6.10

**Description**

Milvus, an open-source vector database for generative AI applications, is affected by an issue that allows authentication bypasses. The software exposes TCP port 9091 by default, and the `/expr` debug endpoint uses a weak, predictable default authentication token derived from `etcd.rootPath` (default: by-dev), enabling arbitrary expression evaluation. The full REST API (`/api/v1/*`) is registered on the metrics/management port without authentication, allowing unauthenticated access to all business operations, including data manipulation and credential management.

**Recommendations**

- Milvus versions prior to 2.5.27 should be upgraded to version 2.5.27 or later.
- Milvus versions prior to 2.6.10 should be upgraded to version 2.6.10 or later.