You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve-2026-44283
About this tag
CVE-2026-44283 is an etcd authorization-bypass vulnerability disclosed in May 2026 that affects versions before 3.4.44, 3.5.30, and 3.6.11. It allows authenticated users to obtain unauthorized data through PrevKv or attach leases inside transaction-based Put requests. This flaw is not a remote-code-execution bug but a quieter infrastructure issue that impacts organizations relying on etcd for direct security roles, where RBAC does not behave uniformly across every API path. Discussions on WindowsForum cover patch versions, verify transaction RBAC, and the broader lesson in distributed systems security.
CVE-2026-44283 is an etcd authorization-bypass vulnerability disclosed in May 2026 that affects versions before 3.4.44, 3.5.30, and 3.6.11, allowing authenticated users to obtain unauthorized data through PrevKv or attach leases inside transaction-based Put requests. The bug is not another...