CVE-2026-27607
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Description
RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.56 through 1.0.0-alpha.82, RustFS does not validate policy conditions in presigned POST uploads (PostObject), allowing attackers to bypass content-length-range, starts-with, and Content-Type constraints. This enables unauthorized file uploads exceeding size limits, uploads to arbitrary object keys, and content-type spoofing, potentially leading to storage exhaustion, unauthorized data access, and security bypasses. Version 1.0.0-alpha.83 fixes the issue.
Analysis
Insufficient input validation in RustFS versions 1.0.0-alpha.56 through 1.0.0-alpha.82 allows authenticated attackers to circumvent presigned POST upload policy restrictions, bypassing content-length-range, starts-with, and Content-Type controls. An attacker can exploit this to upload oversized files, write to arbitrary object keys, and spoof file types, resulting in storage exhaustion and potential unauthorized data access.
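The server-side check that the advisory says was missing, enforcing each condition of a presigned POST policy document against the submitted form fields, as an added example in Python (not RustFS's own code; the policy, form fields and size limit are constructed for illustration):

```python
import json

# Constructed example policy, as a client would embed it (base64-encoded) in the
# "policy" form field of a presigned POST. Values are illustrative only.
POLICY_JSON = """{
  "expiration": "2026-01-01T00:00:00Z",
  "conditions": [
    {"bucket": "uploads"},
    ["starts-with", "$key", "user-123/"],
    ["eq", "$Content-Type", "image/png"],
    ["content-length-range", 1, 1048576]
  ]
}"""


def check_conditions(policy_json: str, form: dict, body_len: int) -> list:
    """Return the list of violated conditions; an empty list means the upload passes.

    Every entry in the policy's "conditions" array is enforced: the size
    window against the actual body length, and eq / starts-with against the
    (case-insensitive) form field they name. A missing field is a violation.
    """
    fields = {k.lower(): v for k, v in form.items()}  # form field names are case-insensitive
    violations = []
    for cond in json.loads(policy_json)["conditions"]:
        if isinstance(cond, dict):  # {"field": "value"} is shorthand for ["eq", "$field", "value"]
            (name, want), = cond.items()
            cond = ["eq", "$" + name, want]
        op = cond[0]
        if op == "content-length-range":
            lo, hi = int(cond[1]), int(cond[2])
            if not lo <= body_len <= hi:
                violations.append(f"content-length-range: {body_len} not in [{lo}, {hi}]")
            continue
        name = cond[1].lstrip("$").lower()
        have = fields.get(name)
        if have is None:
            violations.append(f"{op}: required field {name!r} missing")
        elif op == "eq" and have != cond[2]:
            violations.append(f"eq: {name}={have!r}, expected {cond[2]!r}")
        elif op == "starts-with" and not have.startswith(cond[2]):
            violations.append(f"starts-with: {name}={have!r} lacks prefix {cond[2]!r}")
        elif op not in ("eq", "starts-with"):
            violations.append(f"unknown condition operator {op!r}")  # fail closed on unknown ops
    return violations
```

A real implementation must also verify the policy's signature and expiration before this step, and reject any form field that no condition covers; those checks are outside this snippet.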
Remediation
Within 24 hours: Identify all RustFS deployments and document affected versions; disable presigned POST upload functionality if business-critical. Within 7 days: Implement network segmentation to restrict RustFS upload endpoints to authorized sources only; enable comprehensive audit logging on all upload activities. …
External POC / Exploit Code
GHSA-w5fh-f8xh-5x3p