CVE-2026-23537 PUBLISHED

Feast: unauthenticated arbitrary file write

Assigner: redhat
Reserved: 13.01.2026 Published: 01.07.2026 Updated: 01.07.2026

A vulnerability has been identified in the Feast Feature Server’s /save-document endpoint that allows an unauthenticated remote attacker to write arbitrary JSON files to the server's filesystem. Although the system attempts to restrict file locations, these protections can be bypassed, enabling an attacker to overwrite vital application configurations or startup scripts. Because this flaw requires no credentials or special privileges, any attacker with network access to the server can potentially compromise the integrity of the system. This could lead to unauthorized system modifications, denial of service through disk exhaustion, or potential remote code execution.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CVSS Score: 9.1

Product Status

Vendor Feast
Product Feast Feature Server
Versions Default: unaffected
  • affected from 0 to 0.59.0 (excl.)
Vendor Red Hat
Product Red Hat OpenShift AI (RHOAI)
Versions Default: unaffected
Vendor Red Hat
Product Red Hat OpenShift AI (RHOAI)
Versions Default: unaffected
Vendor Red Hat
Product Red Hat OpenShift AI (RHOAI)
Versions Default: unaffected
Vendor Red Hat
Product Red Hat OpenShift AI (RHOAI)
Versions Default: unaffected
Vendor Red Hat
Product Red Hat OpenShift AI (RHOAI)
Versions Default: unaffected
Vendor Red Hat
Product Red Hat OpenShift AI (RHOAI)
Versions Default: unaffected
Vendor Red Hat
Product Red Hat OpenShift AI (RHOAI)
Versions Default: unaffected
Vendor Red Hat
Product Red Hat OpenShift AI (RHOAI)
Versions Default: unaffected
Vendor Red Hat
Product Red Hat OpenShift AI (RHOAI)
Versions Default: unaffected
Vendor Red Hat
Product Red Hat OpenShift AI (RHOAI)
Versions Default: unaffected
Vendor Red Hat
Product Red Hat OpenShift AI (RHOAI)
Versions Default: unaffected
Vendor Red Hat
Product Red Hat OpenShift AI (RHOAI)
Versions Default: unaffected
Vendor Red Hat
Product Red Hat OpenShift AI (RHOAI)
Versions Default: unaffected
Vendor Red Hat
Product Red Hat OpenShift AI (RHOAI)
Versions Default: unaffected

Workarounds

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Credits

  • This issue was discovered by Jitendra Yejare (Red Hat).

References

Problem Types

  • Missing Authorization CWE