CVE-2026-55873 in SeaweedFSinformação

Sumário

de MITRE • 08/07/2026

SeaweedFS is a distributed storage system. In versions 4.08 through 4.33, requests signed with SigV4 service s3tables are routed to the S3Tables management API where authorization collapses account-less S3 identities into the shared admin account and fails open, allowing an authenticated low-privileged S3 user to enumerate administrator-owned table bucket names and ARNs. This issue is fixed in version 4.34.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsável

GitHub M

Reservar

17/06/2026

Divulgação

08/07/2026

Moderação

aceite

Entrada

VDB-376893

CPE

pronto

EPSS

0.00000

KEV

não

Atividades

muito baixo

Fontes

Might our Artificial Intelligence support you?

Check our Alexa App!