anonhaven
Ad

CVE-2026-27969

CRITICAL CVSS 4.0: 9.3 EPSS 0.06%
Updated Feb 26, 2026
MySQL
Parameter Value
CVSS 9.3 (CRITICAL)
Type CWE-22 (Path Traversal)
Vendor MySQL
Public PoC No

Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the backup storage location (e.g. an S3 bucket) can manipulate backup manifest files so that files in the manifest — which may be files that they have also added to the manifest and backup contents — are written to any accessible location on restore. This is a common path traversal security issue.

This can be used to provide that attacker with unintended/unauthorized access to the production deployment environment — allowing them to access information available in that environment as well as run any additional arbitrary commands there. Versions 23.0.3 and 22.0.4 contain a patch. No known workarounds are available.

Attack Parameters

Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
High
Admin privileges needed
User Interaction
Passive
Minimal interaction

Impact Assessment

Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
Low
Partial disruption

CVSS Vector v4.0

Weakness Type (CWE)

CWE-22 Path Traversal

References 3

https://github.com/vitessio/vitess/commit/c565cab615bc962bda061dcd645aa7506c59c…
security-advisories@github.com
https://github.com/vitessio/vitess/pull/19470
security-advisories@github.com
https://github.com/vitessio/vitess/security/advisories/GHSA-r492-hjgh-c9gw
security-advisories@github.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2019-25576

MySQL

8.8

CVE-2026-32710

MySQL

8.5

CVE-2026-32949

MySQL

8.7

CVE-2026-32763

MySQL

8.2

CVE-2026-29096

MySQL

8.1