🔐 CVE Alert

CVE-2026-23537

CRITICAL 9.1

Feast: unauthenticated arbitrary file write

CVSS Score
9.1
EPSS Score
0.0%
EPSS Percentile
0th

A vulnerability has been identified in the Feast Feature Server’s `/save-document` endpoint that allows an unauthenticated remote attacker to write arbitrary JSON files to the server's filesystem. Although the system attempts to restrict file locations, these protections can be bypassed, enabling an attacker to overwrite vital application configurations or startup scripts. Because this flaw requires no credentials or special privileges, any attacker with network access to the server can potentially compromise the integrity of the system. This could lead to unauthorized system modifications, denial of service through disk exhaustion, or potential remote code execution.

CWE CWE-862
Vendor feast
Product feast feature server
Published Jul 1, 2026
Stay Ahead of the Next One

Get instant alerts for feast feast feature server

Be the first to know when new critical vulnerabilities affecting feast feast feature server are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High

Affected Versions

Feast / Feast Feature Server
0 < 0.59.0
Red Hat / Red Hat OpenShift AI (RHOAI)
All versions affected
Red Hat / Red Hat OpenShift AI (RHOAI)
All versions affected
Red Hat / Red Hat OpenShift AI (RHOAI)
All versions affected
Red Hat / Red Hat OpenShift AI (RHOAI)
All versions affected
Red Hat / Red Hat OpenShift AI (RHOAI)
All versions affected
Red Hat / Red Hat OpenShift AI (RHOAI)
All versions affected
Red Hat / Red Hat OpenShift AI (RHOAI)
All versions affected
Red Hat / Red Hat OpenShift AI (RHOAI)
All versions affected
Red Hat / Red Hat OpenShift AI (RHOAI)
All versions affected
Red Hat / Red Hat OpenShift AI (RHOAI)
All versions affected
Red Hat / Red Hat OpenShift AI (RHOAI)
All versions affected
Red Hat / Red Hat OpenShift AI (RHOAI)
All versions affected
Red Hat / Red Hat OpenShift AI (RHOAI)
All versions affected
Red Hat / Red Hat OpenShift AI (RHOAI)
All versions affected

References

NVD ↗ CVE.org ↗ EPSS Data ↗
access.redhat.com: https://access.redhat.com/security/cve/CVE-2026-23537 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2429304 github.com: https://github.com/red-hat-data-services/feast/pull/192

Credits

This issue was discovered by Jitendra Yejare (Red Hat).