Package impact
Go / github.com/minio/minio
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41145 | high | 8.2 | 8.2 | 1mo ago | MinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer Uploads | |||
| CVE-2026-40344 | high | 8.2 | 8.2 | 1mo ago | MinIO has an Unauthenticated Object Write via Missing Signature Verification in Unsigned-Trailer Uploads | |||
| CVE-2026-42600 | medium | 4.9 | 4.9 | 24d ago | MinIO vulnerable to Path Traversal via msgpack Body in `ReadMultiple` Storage-REST Endpoint | |||
| CVE-2023-28434 | unknown | — | 1.5 | 3y ago | MinIO contains a security feature bypass vulnerability that allows an attacker to use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `Post… | |||
| CVE-2026-33322 | unknown | — | — | 3mo ago | MinIO has JWT Algorithm Confusion in OIDC Authentication in github.com/minio/minio |