PT-2026-6654 · Qdrant · Qdrant

Ezzer17 · Published 2026-02-05 · Updated 2026-02-06 · CVE-2026-25628

CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Qdrant versions 1.9.3 through 1.15.5

Description: Qdrant, a vector similarity search engine and vector database, contains a flaw that lets an attacker append to arbitrary files via the /logger endpoint. The endpoint accepts an attacker-controlled on-disk log file path and performs no authorization check, so read-only access is sufficient. Exploitation involves crafting requests that inject YAML code into the written file, which can enable file manipulation and, in some cases, remote code execution. The vulnerability was tested on version 1.15.5. Qdrant Cloud is not affected because its configuration directory is not writable.

Recommendations: For versions 1.9.3 through 1.15.5, limit use of the /logger endpoint to users with management privileges only, or disable it completely. Restrict the path of the log file to a dedicated logs directory.
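The two recommendations above amount to an authorization gate plus a path-confinement check on the requested log file. The following is an added illustration, not Qdrant's own code: a hypothetical handler that accepts a logger change only from a management role, treats the requested path as relative to a dedicated logs directory, and rejects absolute paths, `..` traversal and symlinks that resolve outside that directory. The directory `/var/lib/qdrant/logs` and the role name `manage` are assumptions; the `demo()` cases are constructed samples.

```python
import tempfile
from pathlib import Path

# Assumed dedicated logs directory (hypothetical; not a Qdrant setting).
LOGS_DIR = "/var/lib/qdrant/logs"
# Assumed role name that may change logging configuration (hypothetical).
MANAGEMENT_ROLES = {"manage"}


class LogPathRejected(ValueError):
    """Raised when a requested log file path would leave the logs directory."""


def confine_log_path(requested: str, logs_dir: str = LOGS_DIR) -> str:
    """Return the absolute path to write to, or raise if it escapes logs_dir."""
    base = Path(logs_dir).resolve()
    candidate = Path(requested)
    # An absolute request would replace the base directory entirely, so it is
    # refused outright rather than joined.
    if candidate.is_absolute():
        raise LogPathRejected(f"absolute paths are not allowed: {requested}")
    # resolve() collapses '..' and follows symlinks, so both a traversal
    # attempt and a symlink inside logs_dir that points elsewhere end up
    # as their real location before the containment test.
    final = (base / candidate).resolve()
    try:
        final.relative_to(base)
    except ValueError:
        raise LogPathRejected(f"path escapes logs dir: {requested}") from None
    if final == base:
        raise LogPathRejected("path must name a file, not the logs directory")
    return str(final)


def authorize_logger_change(role: str, requested: str,
                            logs_dir: str = LOGS_DIR) -> str:
    """Gate on privilege first, then confine the path; returns the final path."""
    if role not in MANAGEMENT_ROLES:
        raise PermissionError("only management users may change logger config")
    return confine_log_path(requested, logs_dir)


def demo() -> dict:
    """Run constructed sample requests against a temporary logs directory."""
    root = Path(tempfile.mkdtemp())
    logs = root / "logs"
    logs.mkdir()
    outside = root / "outside.txt"          # a file the log must never touch
    outside.write_text("")
    (logs / "escape").symlink_to(outside)   # symlink inside logs -> outside
    cases = {
        "manage_plain": ("manage", "qdrant.log"),
        "manage_traversal": ("manage", "../outside.txt"),
        "manage_absolute": ("manage", str(outside)),
        "manage_symlink": ("manage", "escape"),
        "manage_nested_dotdot": ("manage", "sub/../../outside.txt"),
        "readonly_plain": ("read-only", "qdrant.log"),
    }
    results = {}
    for name, (role, req) in cases.items():
        try:
            authorize_logger_change(role, req, str(logs))
            results[name] = "accepted"
        except (LogPathRejected, PermissionError):
            results[name] = "rejected"
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```

Only the management-role request for a plain file name inside the logs directory is accepted; every other case, including the symlink that lives inside the directory but points out of it, is refused before any file is opened.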

Tags: Exploit · Fix · RCE

Weakness Enumeration

Related Identifiers: CVE-2026-25628, GHSA-F632-VM87-2M2F

Affected Products: Qdrant