CVE-2026-26190
Status: Awaiting Analysis (NVD queue)
Authentication Bypass and Unauthenticated Access in Milvus TCP API

Publication date: 2026-02-13

Last updated on: 2026-02-18

Assigner: GitHub, Inc.

Description
Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable default authentication token derived from etcd.rootPath (default: by-dev), enabling arbitrary expression evaluation. The full REST API (/api/v1/*) is registered on the metrics/management port without any authentication, allowing unauthenticated access to all business operations including data manipulation and credential management. This vulnerability is fixed in 2.5.27 and 2.6.10.
CVSS Scores: not yet published (awaiting analysis)
EPSS Scores: probability and percentile not populated on this page
Meta Information
Published: 2026-02-13
Last Modified: 2026-02-18
Generated: 2026-05-07
AI Q&A: 2026-02-13
EPSS Evaluated: 2026-05-05
Source: NVD
Affected Vendors & Products (2 associated CPEs)
Vendor: milvus  Product: milvus  Version: up to 2.5.27 (exclusive)
Vendor: milvus  Product: milvus  Version: from 2.6.0 (inclusive) to 2.6.10 (exclusive)
CWE
CWE-306 (Missing Authentication for Critical Function): The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
KEV: not listed
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-26190 is an authentication bypass in Milvus, an open-source vector database, affecting releases before 2.5.27 and 2.6.x releases before 2.6.10. The issue arises because Milvus exposes TCP port 9091 (its metrics/management port) by default without proper authentication controls. Specifically, the /expr debug endpoint uses a weak and predictable default authentication token derived from the etcd.rootPath setting (default: by-dev), allowing attackers to evaluate arbitrary expressions inside the server process. Additionally, the full REST API (/api/v1/*) is registered on the same port without any authentication, enabling unauthenticated access to all business operations such as data manipulation and credential management.

As a result, an attacker who can reach port 9091 can bypass authentication, evaluate arbitrary expressions, read sensitive information, manipulate data, manage user credentials, and potentially cause denial of service or achieve remote code execution.


How can this vulnerability impact me?

This vulnerability can have severe impacts including:

  • Remote unauthenticated attackers can exfiltrate sensitive secrets and credentials such as MinIO secret keys and user credential hashes.
  • Attackers can manipulate all data and collections, including creating, listing and deleting collections and inserting and querying data.
  • User accounts can be managed or escalated by attackers, including creating, deleting, and modifying user credentials and passwords.
  • Denial of service can be caused by shutting down the proxy service or corrupting metadata.
  • Attackers can write arbitrary files on the server filesystem, potentially leading to remote code execution.

How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking whether a Milvus server exposes TCP port 9091 without proper authentication. Specifically, test access to the /expr debug endpoint and the full REST API (/api/v1/*) on port 9091 to see whether they allow unauthenticated access.

  • Use network scanning tools like nmap to check whether port 9091 is open on your Milvus instances.
  • Attempt to access the /expr endpoint with the default or predictable authentication token (derived from etcd.rootPath, default "by-dev") to verify whether arbitrary expression evaluation is possible.
  • Send HTTP requests to the /api/v1/* endpoints on port 9091 to check whether REST API operations can be performed without authentication.
  • Example command to scan port 9091: nmap -p 9091 <target-ip>
  • Example curl command to test the /expr endpoint: curl "http://<target-ip>:9091/expr?auth=by-dev&expr=1+%2B+1"
  • Example curl command to test unauthenticated REST API access: curl "http://<target-ip>:9091/api/v1/collections"

Note that a reachable /expr endpoint is itself a strong signal: even with a non-default etcd.rootPath, the token is derived from a configuration value rather than a per-deployment secret. [4]
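The following script turns the three checks above (port open, /expr accepting the default token, /api/v1/collections answering without credentials) into a single probe with the decision logic kept separate from the network calls, so it can be exercised offline. It is an added example, not Milvus project code and not part of the original advisory. The request shapes are taken from the curl commands above; how a patched build responds (401/403 for the token, 404 for routes no longer served on 9091) is an assumption, as are the function names and the sample responses, which are constructed rather than captured from a real Milvus instance.

```python
"""Probe a Milvus host for the CVE-2026-26190 exposure pattern on TCP 9091.

Added example; not Milvus project code. Response interpretation is an
assumption: an HTTP 200 on either request is treated as "still exposed".
"""
import json
import socket
import sys
import urllib.error
import urllib.request
from urllib.parse import urlencode

MGMT_PORT = 9091              # Milvus metrics/management port named in the advisory
DEFAULT_ROOT_PATH = "by-dev"  # Milvus default etcd.rootPath, used as the /expr token


def build_probe_urls(host, port=MGMT_PORT, root_path=DEFAULT_ROOT_PATH):
    """Build the same two requests as the curl commands in the detection notes."""
    expr_url = f"http://{host}:{port}/expr?" + urlencode({"auth": root_path, "expr": "1 + 1"})
    api_url = f"http://{host}:{port}/api/v1/collections"
    return expr_url, api_url


def tcp_open(host, port=MGMT_PORT, timeout=3.0):
    """Single-port equivalent of `nmap -p 9091 <host>`."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def http_get(url, timeout=3.0):
    """GET that returns (status, body) without raising on 4xx/5xx; (None, "") if unreachable."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")
    except (urllib.error.URLError, OSError):
        return None, ""


def _is_json(body):
    try:
        json.loads(body)
        return True
    except ValueError:
        return False


def assess(expr_status, expr_body, api_status, api_body):
    """Map the two responses to findings.

    Assumption (not documented Milvus behaviour): a hardened build rejects the
    default token (401/403) or no longer serves these routes on 9091 (404), so
    a 200 with a body is treated as the vulnerable condition.
    """
    findings = []
    if expr_status == 200 and expr_body.strip():
        findings.append("expr-default-token-accepted")
    if api_status == 200 and _is_json(api_body):
        findings.append("rest-api-unauthenticated")
    return findings


def probe(host, port=MGMT_PORT, timeout=3.0):
    """Run all three checks from the detection notes against one host."""
    result = {"host": host, "port": port, "port_open": tcp_open(host, port, timeout), "findings": []}
    if not result["port_open"]:
        return result
    expr_url, api_url = build_probe_urls(host, port)
    expr_status, expr_body = http_get(expr_url, timeout)
    api_status, api_body = http_get(api_url, timeout)
    result["findings"] = assess(expr_status, expr_body, api_status, api_body)
    return result


# Constructed responses (not captured from a real Milvus) so assess() can be
# exercised offline; a live run replaces these with http_get() results.
SAMPLE_VULNERABLE = {"expr": (200, "2"), "api": (200, '{"code":200,"data":[]}')}
SAMPLE_HARDENED = {"expr": (403, "forbidden"), "api": (404, "404 page not found")}


def assess_sample(sample):
    return assess(*sample["expr"], *sample["api"])


if __name__ == "__main__":
    targets = sys.argv[1:]
    if not targets:
        print("offline samples:", assess_sample(SAMPLE_VULNERABLE), assess_sample(SAMPLE_HARDENED))
    for target in targets:
        print(json.dumps(probe(target)))
```

Run it as `python probe_milvus_9091.py <host> [<host> ...]`; with no arguments it only evaluates the constructed samples. A hit on "rest-api-unauthenticated" is the more important finding, because it does not depend on the etcd.rootPath value at all.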


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include restricting access to port 9091 and securing or disabling the vulnerable endpoints.

  • Block external access to TCP port 9091 using firewalls or network policies to prevent unauthorized network access.
  • Avoid exposing port 9091 outside trusted internal networks, especially in containerized or cloud environments.
  • Change the default etcd.rootPath value from "by-dev" to a strong, random string to reduce the risk of a predictable authentication token. This is only a partial mitigation: the token is still derived from a configuration value, the REST API on port 9091 remains unauthenticated, and because etcd.rootPath is also the key prefix under which Milvus stores its metadata in etcd, changing it on a running deployment is a migration, not a simple setting change.
  • Remove or disable the /expr debug endpoint in production environments, or secure it with strong, non-default authentication.
  • Do not register business API routes on the metrics port (9091); separate metrics and health endpoints from application REST APIs.
  • Enforce authentication on all API endpoints regardless of the port they are served on.
  • Upgrade Milvus to 2.5.27 or 2.6.10 or later, where this vulnerability is fixed by adding authentication to the metrics endpoint and securing the API. [1, 2, 4]

