Vulnerability in Minio
CVE-2026-33419
MinIO is a high-performance object storage system. Prior to RELEASE.2026-03-17T21-25-16Z, MinIO AIStor's STS (Security Token Service) AssumeRoleWithLDAPIdentity endpoint is vulnerable to LDAP credential brute-forcing due to two combined we…
EPSS: 0.000 (7.6th percentile) — read the EPSS interpretation.
Affected products
- Minio — versions < RELEASE.2026-03-17T21-25-16Z
Weakness classification (CWE)
References
- https://github.com/minio/minio/security/advisories/GHSA-jv87-32hw-hh99 (x_refsource_CONFIRM)