Description
A vulnerability has been identified in the Feast Feature Server’s `/save-document` endpoint that allows an unauthenticated remote attacker to write arbitrary JSON files to the server's filesystem. Although the system attempts to restrict file locations, these protections can be bypassed, enabling an attacker to overwrite vital application configurations or startup scripts. Because this flaw requires no credentials or special privileges, any attacker with network access to the server can potentially compromise the integrity of the system. This could lead to unauthorized system modifications, denial of service through disk exhaustion, or potential remote code execution.
Published: 2026-07-01
Score: 9.1 Critical
EPSS: n/a
KEV: No
Impact: Unauthorized file write leading to potential remote code execution
Action: Immediate Patch

Remediation

Vendor Workaround

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Advisories

No advisories yet.

History

Wed, 01 Jul 2026 16:30:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Metrics | | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |


Wed, 01 Jul 2026 14:30:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Title | feast: Unauthenticated Arbitrary File Write | Feast: unauthenticated arbitrary file write |
| CPEs | | cpe:/a:redhat:openshift_ai |
| References | | |

Tue, 24 Mar 2026 10:45:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| First Time appeared | | Redhat, Redhat openshift Ai |
| Vendors & Products | | Redhat, Redhat openshift Ai |

Sat, 21 Mar 2026 05:30:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Description | | A vulnerability has been identified in the Feast Feature Server’s `/save-document` endpoint that allows an unauthenticated remote attacker to write arbitrary JSON files to the server's filesystem. Although the system attempts to restrict file locations, these protections can be bypassed, enabling an attacker to overwrite vital application configurations or startup scripts. Because this flaw requires no credentials or special privileges, any attacker with network access to the server can potentially compromise the integrity of the system. This could lead to unauthorized system modifications, denial of service through disk exhaustion, or potential remote code execution. |
| Title | | feast: Unauthenticated Arbitrary File Write |
| Weaknesses | | CWE-862 |
| References | | |
| Metrics | threat_severity: None | cvssV3_1: {'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H'}; threat_severity: Critical |


Subscriptions

Redhat Openshift Ai
MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-07-01T15:57:23.623Z

Reserved: 2026-01-13T19:53:18.502Z

Link: CVE-2026-23537

Vulnrichment

Updated: 2026-07-01T15:57:20.403Z

NVD

No data.

Redhat

Severity: Critical

Public Date: 2026-03-20T00:00:00Z

Links: CVE-2026-23537 - Bugzilla

OpenCVE Enrichment

Updated: 2026-03-24T10:35:10Z

Weaknesses