MeldSecurity
Press Enter to search
CVE Database & Search →
Sign In Get Started

CVE-2026-27965

🚨 CRITICAL

Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the backup storage location (e.g. an S3 bucket) can manipu...

Published
Feb 26, 2026
Last Modified
Mar 02, 2026
Views
4
Bookmarks
0

Description

Request Expert Review

Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the backup storage location (e.g. an S3 bucket) can manipulate backup manifest files so that arbitrary code is later executed when that backup is restored. This can be used to provide that attacker with unintended/unauthorized access to the production deployment environment — allowing them to access information available in that environment as well as run any additional arbitrary commands there. Versions 23.0.3 and 22.0.4 contain a patch. Some workarounds are available. Those who intended to use an external decompressor then can always specify that decompressor command in the `--external-decompressor` flag value for `vttablet` and `vtbackup`. That then overrides any value specified in the manifest file. Those who did not intend to use an external decompressor, nor an internal one, can specify a value such as `cat` or `tee` in the `--external-decompressor` flag value for `vttablet` and `vtbackup` to ensure that a harmless command is always used.

Affected Products (1)

linuxfoundation - vitess

Version: *

CVSS Scores

CVSS 3.1 9.9
9.9
CRITICAL
CVSS 2.0 9.9

References

github.com github.com github.com github.com

Additional Information

Source
security-advisories@github.com
State
Analyzed

Related CVEs

CVE-2026-4111

HIGH

A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path....

Score: 7.5

CVE-2026-4105

MEDIUM

A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the clas...

Score: 6.7

CVE-2026-4063

MEDIUM

The Social Icons Widget & Block by WPZOOM plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check in th...

Score: 4.3

CVE-2026-3986

MEDIUM

The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form settings in all versions up to, and includin...

Score: 6.4

CVE-2026-3910

HIGH

Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a...

Score: 8.8

CVE-2026-3909

HIGH

Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTM...

Score: 8.8

Share CVE-2026-27965

Share on Social Media

Copy Link

Embed Code

Request Expert Analysis

Request a professional security analysis for CVE-2026-27965 from our verified experts.

Credits System

Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!

Add 3 credits for accelerated delivery

Base Cost: 8 credits
Priority Upgrade: + credits
SLA Acceleration: +3 credits
Total Cost:
Your Balance:

Insufficient Credits

You need more credits to submit this request.

Buy Credits

Report Analysis