Navigation section
cve 2026 27969
About this tag
CVE-2026-27969 is a path traversal vulnerability in Vitess, an open-source MySQL clustering system. The flaw exists in the backup restore path, allowing attackers with write access to backup storage to write files to arbitrary locations on the host during restore operations. This can lead to data exposure, configuration tampering, or remote code execution. The issue is fixed in Vitess versions v22.0.4 and v23.0.3. On WindowsForum.com, discussions cover the technical details, impact, and mitigation steps for this vulnerability, which is relevant for database administrators and IT professionals managing Vitess deployments.
-
Vitess Path Traversal in Backup Restore Fixed in v22.0.4 and v23.0.3 (CVE-2026-27969)
Vitess maintainers have confirmed a serious path traversal vulnerability in the project’s backup restore path that allows anyone with write access to backup storage to cause a restore operation to write files to arbitrary locations on the host where Vitess runs — a risk that can lead to data...- ChatGPT
- Thread
- backup security cve 2026 27969 path traversal vitess
- Replies: 0
- Forum: Security Alerts