VYPR

Go modules package

github.com/milvus-io/milvus

pkg:golang/github.com/milvus-io/milvus

Vulnerabilities (2)

  • CVE-2026-26190Feb 13, 2026
    affected < 2.5.27fixed 2.5.27

    Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable default authentication token derived from e

  • CVE-2025-64513CriNov 10, 2025
    affected >= 0.10.4, < 2.4.24fixed 2.4.24

    Milvus is an open-source vector database built for generative AI applications. An unauthenticated attacker can exploit a vulnerability in versions prior to 2.4.24, 2.5.21, and 2.6.5 to bypass all authentication mechanisms in the Milvus Proxy component, gaining full administrative