PT-2026-8025 · Milvus · Milvus

0X1F +2 · Published 2026-02-11 · Updated 2026-03-03 · CVE-2026-26190
CVSS v3.1 9.8 Critical · Vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Milvus versions prior to 2.5.27; Milvus versions prior to 2.6.10
Description: Milvus, an open-source vector database for generative AI applications, is affected by an issue that allows authentication bypass. The software exposes TCP port 9091 by default, and the /expr debug endpoint on that port uses a weak, predictable default authentication token derived from etcd.rootPath (default: by-dev), enabling arbitrary expression evaluation. The full REST API (/api/v1/*) is also registered on this metrics/management port without authentication, allowing unauthenticated access to all business operations, including data manipulation and credential management.
Recommendations: Milvus versions prior to 2.5.27 should be upgraded to version 2.5.27 or later. Milvus versions prior to 2.6.10 should be upgraded to version 2.6.10 or later.
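As an added example (not part of this advisory and not code from the Milvus project), the affected-version check that the two ranges above imply, written in Python for inventory triage: a version on the 2.6 line is affected below 2.6.10 and should go to 2.6.10, and anything below 2.5.27 (including older minor lines) is affected and should go to 2.5.27. The inventory hostnames, the version strings and the decision to ignore pre-release suffixes are constructed assumptions.

```python
"""Affected-version check for CVE-2026-26190, derived only from the two ranges
the advisory states: Milvus prior to 2.5.27 and Milvus prior to 2.6.10.
Added example, not code from the advisory or from the Milvus project."""
import re
from typing import List, Optional, Tuple

Version = Tuple[int, int, int]

# Fixed releases named in the advisory's recommendations.
FIXED_2_5: Version = (2, 5, 27)
FIXED_2_6: Version = (2, 6, 10)


def parse_version(text: str) -> Version:
    """Turn 'v2.6.9', '2.5.27' or '2.6.10-rc1' into (major, minor, patch).

    Assumption: a pre-release or build suffix ('-rc1', '+meta') is dropped and
    the string is treated as its base version; tighten this if your inventory
    tracks pre-releases separately.
    """
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)(?:[-+].*)?", text.strip())
    if not m:
        raise ValueError(f"unrecognised Milvus version string: {text!r}")
    major, minor, patch = (int(p) for p in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True when the version falls inside either range the advisory gives."""
    v = parse_version(version)
    if v < FIXED_2_5:
        return True                  # 2.5.26 and below, including 2.4.x
    if (2, 6, 0) <= v < FIXED_2_6:
        return True                  # 2.6.0 .. 2.6.9
    return False                     # 2.5.27+ on the 2.5 line, 2.6.10+, or newer


def recommended_upgrade(version: str) -> Optional[str]:
    """Fixed release to move to, following the advisory's per-line advice.
    Returns None when the version is already outside both affected ranges."""
    if not is_affected(version):
        return None
    v = parse_version(version)
    # Anything on 2.6.x goes to 2.6.10; everything older goes to 2.5.27.
    target = FIXED_2_6 if v >= (2, 6, 0) else FIXED_2_5
    return ".".join(str(n) for n in target)


def triage(inventory: List[Tuple[str, str]]) -> List[Tuple[str, str, str]]:
    """Reduce an (instance, version) inventory to the affected entries,
    attaching the upgrade target for each."""
    findings = []
    for name, ver in inventory:
        target = recommended_upgrade(ver)
        if target is not None:
            findings.append((name, ver, target))
    return findings


# Constructed sample inventory: hostnames and versions are made up.
SAMPLE_INVENTORY = [
    ("milvus-prod-a", "v2.6.9"),
    ("milvus-prod-b", "2.6.10"),
    ("milvus-staging", "2.5.20"),
    ("milvus-lab", "2.5.27"),
    ("milvus-legacy", "2.4.15"),
]

if __name__ == "__main__":
    for name, ver, target in triage(SAMPLE_INVENTORY):
        print(f"{name}: {ver} is affected by CVE-2026-26190, upgrade to {target}")
```

The check deliberately reports only on the two ranges the advisory names; versions newer than both fixed releases are treated as outside the advisory's scope rather than as confirmed safe.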

Exploit · Fix · RCE · Missing Authentication

Weakness Enumeration

Related Identifiers

BIT-MILVUS-2026-26190
CVE-2026-26190
GHSA-7PPG-37FH-VCR6
GO-2026-4481
SUSE-SU-2026:0757-1

Affected Products

Milvus