minio Summary

Latest vulnerabilities published by minio

JSON RSS CSV 🔔 Create Alert Trigger

16 October 2025

Privilege Escalation Vulnerability in MinIO Object Storage System
CVE-2025-62506
MinioMinio👾🟡8.1HIGH

29 September 2025

Information Disclosure in MinIO Java SDK by MinIO
CVE-2025-59952
MinioMinio-java8.7HIGH

22 April 2025

IAM Authentication Vulnerability in MinIO Operator for Kubernetes
CVE-2025-32963
MinioOperator6.9MEDIUM

3 April 2025

Authorization Flaw in MinIO Object Storage by MinIO
CVE-2025-31489
MinioMinio8.7HIGH

28 February 2025

SSH Key Authentication Bypass Vulnerability in MinIO Object Storage
CVE-2025-27414
MinioMinio4.6MEDIUM

16 December 2024

Privilege Escalation Vulnerability in MinIO Object Storage Solution
CVE-2024-55949
MinIO

28 May 2024

Anonymous Requests Can Bypass Metadata Validation in MinIO
CVE-2024-36107
MinioMinio5.3MEDIUM

31 January 2024

Inherited Permissions Vulnerability in MinIO Could Allow Overriding of Access Controls
CVE-2024-24747
MinioMinioEPSS 17%8.8HIGH

30 May 2023

Minio console object names with RIGHT-TO-LEFT OVERRIDE unicode character can be exploited
CVE-2023-33955
minioconsole5.3MEDIUM

22 March 2023

14 March 2023

Minio vulnerable to denial of access by an admin privileged user for root credential
CVE-2023-27589
MinioMinio6.5MEDIUM

21 February 2023

Allowed DELETE on resources on object locked buckets under Governance mode in Minio
CVE-2023-25812
MinioMinio6.5MEDIUM

1 August 2022

Authenticated requests for server update admin API allows path traversal in minio
CVE-2022-35919
MinioMinio👾🟡7.4HIGH

7 June 2022

Possible DDOS by establishing keep-alive connections with anonymous HTTP clients in MinIO
CVE-2022-31028
MinioMinio7.5HIGH

12 April 2022

Improper Privilege Management in MinIO
CVE-2022-24842
MinioMinio8.8HIGH

27 December 2021

User privilege escalation in MinIO
CVE-2021-43858
MinioMinio👾🟡EPSS 53%8.8HIGH

15 November 2021

Authentication bypass issue in the Operator Console
CVE-2021-41266
MinioConsoleEPSS 79%8.6HIGH

13 October 2021

Bypassing policy restrictions on regular users
CVE-2021-41137
MinioMinio8.8HIGH

19 March 2021

MITM modification of request bodies in MinIO
CVE-2021-21390
MinioMinio6.5MEDIUM

8 March 2021

Bypassing readOnly policy by creating a temporary 'mc share upload' URL
CVE-2021-21362
MinioMinio7.7HIGH

1 February 2021

Server-Side Request Forgery in MinIO Browser API
CVE-2021-21287
MinioMinioEPSS 91%7.7HIGH

23 April 2020

Authentication bypass MinIO Admin API
CVE-2020-11012
MinioMinio9.3CRITICAL

26 June 2018

Memory Allocation Vulnerability in Minio S3 Server by Minio Inc.
CVE-2018-1000538
MinioMinio7.5HIGH