Information disclosure in Rustfs
CVE-2026-45040
RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, RustFS suffers from sensitive information leakage in log outputs. When the server is run with RUST_LOG=debug sensitive credentials including SessionToken (…
EPSS: 0.000 (5.6th percentile) — read the EPSS interpretation.
Affected products
- Rustfs — versions < 1.0.0-beta.2
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)