CVE-2026-10814 in milvusinfo

Summary

by MITRE • 06/04/2026

A vulnerability has been found in milvus-io milvus up to 2.6.13. This vulnerability affects unknown code of the file internal/metastore/kv/rootcoord/kv_catalog.go of the component Grantee ID Hash Handler. The manipulation leads to use of weak hash. The attack needs to be performed locally. The attack's complexity is rated as high. It is stated that the exploitability is difficult. The exploit has been disclosed to the public and may be used. The identifier of the patch is 3d932f1c3e065351c4440c27abe1e6479752544d. Applying a patch is the recommended action to fix this issue.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsible

VulDB

Disclosure

06/04/2026

Moderation

accepted

Entry

VDB-368262

CPE

ready

CWE

CWE-328 (confirmed)

Exploit

Download

CVSS

4.5 (VulDB)

EPSS

0.00000

KEV

Activities

low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-10814
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-10814
CVE Details	https://www.cvedetails.com/cve/CVE-2026-10814/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!