Milvus Allows Unauthenticated Access to Restful API on Metrics Port...

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable default authentication token derived from etcd.rootPath (default: by-dev), enabling arbitrary expression evaluation. The full REST API (/api/v1/*) is registered on the metrics/management port without any authentication, allowing unauthenticated access to all business operations including data manipulation and credential management. This vulnerability is fixed in 2.5.27 and 2.6.10.

AI Analysis

Unauthenticated access to the REST API on the metrics port due to missing authentication, allowing data manipulation and credential management.

Basic Information

ID CVE-2026-26190

Source GitHub_M

Published Feb 13, 2026 at 18:44

Modified Feb 13, 2026 at 19:37

Affected Product

Vendor milvus-io

Product milvus

Version < 2.5.27

Affected Versions milvus-io milvus < 2.5.27
milvus-io milvus >= 2.6.0, < 2.6.10

CWE Classification

CWE-306

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor Milvus-io

Product Milvus

Version < 2.5.27, >= 2.6.0 and < 2.6.10

References

{
    "lastseen": "",
    "description": "Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable default authentication token derived from etcd.rootPath (default: by-dev), enabling arbitrary expression evaluation. The full REST API (/api/v1/*) is registered on the metrics/management port without any authentication, allowing unauthenticated access to all business operations including data manipulation and credential management. This vulnerability is fixed in 2.5.27 and 2.6.10.",
    "published": "2026-02-13T18:44:33.465Z",
    "modified": "2026-02-13T19:37:40.553Z",
    "type": "cve",
    "title": "Milvus Allows Unauthenticated Access to Restful API on Metrics Port (9091) Leads to Critical System Compromise",
    "source": "GitHub_M",
    "references": "https://github.com/milvus-io/milvus/security/advisories/GHSA-7ppg-37fh-vcr6\nhttps://github.com/milvus-io/milvus/commit/92b74dd2e286006a83b4a5f07951027b32e718a9\nhttps://github.com/milvus-io/milvus/releases/tag/v2.5.27\nhttps://github.com/milvus-io/milvus/releases/tag/v2.6.10",
    "id": "CVE-2026-26190",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306"
    ],
    "cvelist": null,
    "sourceData": "milvus-io milvus < 2.5.27\nmilvus-io milvus >= 2.6.0, < 2.6.10",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "milvus",
    "version": "< 2.5.27",
    "vendor": "milvus-io",
    "ai_description": "Unauthenticated access to the REST API on the metrics port due to missing authentication, allowing data manipulation and credential management.",
    "ai_severity": "Critical",
    "ai_vendor": "Milvus-io",
    "ai_product": "Milvus",
    "ai_version": "< 2.5.27, >= 2.6.0 and < 2.6.10",
    "ai_score": 9.8
}

Milvus Allows Unauthenticated Access to Restful API on Metrics Port (9091) Leads to Critical System Compromise_CVE-2026-26190