Skip to main content

Red Hat Openshift Ai Rhoai CVE-2026-23536

| EUVDEUVD-2026-13816 HIGH
Path Traversal (CWE-22)
2026-03-20 redhat GHSA-9p47-cwvm-h4hj
7.5
CVSS 3.1 · Vendor: redhat
Share

Severity by source

Vendor (redhat) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Red Hat
7.5 HIGH
qualitative

Primary rating from Vendor (redhat).

CVSS VectorVendor: redhat

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

3
EUVD ID Assigned
Mar 20, 2026 - 22:16 euvd
EUVD-2026-13816
Analysis Generated
Mar 20, 2026 - 22:16 vuln.today
CVE Published
Mar 20, 2026 - 21:58 nvd
HIGH 7.5

DescriptionCVE.org

A security issue was discovered in the Feast Feature Server's /read-document endpoint that allows an unauthenticated remote attacker to read any file accessible to the server process. By sending a specially crafted HTTP POST request, an attacker can bypass intended access restrictions to potentially retrieve sensitive system files, application configurations, and credentials.

AnalysisAI

The Feast Feature Server contains a path traversal vulnerability in its /read-document endpoint that allows unauthenticated remote attackers to read arbitrary files accessible to the server process, including sensitive system files, application configurations, and credentials. Red Hat OpenShift AI (RHOAI) deployments are confirmed affected across multiple versions. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Send crafted HTTP POST to /read-document endpoint
Exploit
Bypass access restrictions via path traversal
Execution
Read arbitrary files from server
Impact
Exfiltrate sensitive configurations and credentials

Vulnerability AssessmentAI

Exploitation No special conditions — remote unauthenticated exploitation against default Feast Feature Server installations. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment This vulnerability presents a significant real-world risk based on multiple threat indicators. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated remote attacker identifies a Red Hat OpenShift AI deployment exposing the Feast Feature Server and crafts an HTTP POST request to the `/read-document` endpoint containing path traversal sequences such as '../../../etc/passwd' or paths to application configuration files containing database credentials or API keys. The server processes this malicious request without proper validation and returns the contents of the requested file. …
Remediation Organizations running affected versions of Red Hat OpenShift AI should immediately consult the official Red Hat security advisory at https://access.redhat.com/security/cve/CVE-2026-23536 and apply available patches or updates as specified by the vendor. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify all Red Hat OpenShift AI deployments in your environment and validate which versions are running Feast Feature Server; immediately restrict network access to the /read-document endpoint to trusted sources only. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

Share

CVE-2026-23536 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy