All 6 CVE vulnerabilities found in vitess, with AI-generated Chinese analysis, references, and POCs.
Vendor: vitessio
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-27969 | Vitess users with backup storage access can write to arbitrary file paths on restore CWE-22 | 6.5AI | MediumAI | 2026-02-26 |
| CVE-2026-27965 | Vitess users with backup storage access can gain unauthorized access to production deployment environments CWE-78 | 8.8AI | HighAI | 2026-02-26 |
| CVE-2024-53257 | Vitess allows HTML injection in /debug/querylogz & /debug/env CWE-79 | 4.9 | Medium | 2024-12-03 |
| CVE-2024-32886 | Vitess vulnerable to infinite memory consumption and vtgate crash CWE-835 | 4.9 | Medium | 2024-05-08 |
| CVE-2023-29195 | Vitess VTAdmin users that can create shards can deny access to other functions CWE-20 | 4.1 | Medium | 2023-05-11 |
| CVE-2023-29194 | vitess allows users to create keyspaces that can deny access to already existing keyspaces CWE-20 | 4.1 | Medium | 2023-04-14 |
All 6 known CVE vulnerabilities affecting vitess with full Chinese analysis, references, and POCs where available.