HarborGuardharborguardDatabase
Back to search
CRITICALCVE-2026-23537Published Modified CNA redhat

CVE-2026-23537: Feast: unauthenticated arbitrary file write

A vulnerability has been identified in the Feast Feature Server’s `/save-document` endpoint that allows an unauthenticated remote attacker to write arbitrary JSON files to the server's filesystem. Although the system attempts to restrict file locations, these protections can be bypassed, enabling an attacker to overwrite vital application configurations or startup scripts. Because this flaw requires no credentials or special privileges, any attacker with network access to the server can potentially compromise the integrity of the system. This could lead to unauthorized system modifications, denial of service through disk exhaustion, or potential remote code execution.

Metrics

CVSS v3.1
9.1
Severity
CRITICAL
Fixed in
0.59.0
Affected Products
15

Get notified

Email me when this CVE is updated: new fix versions, severity changes, or any record change.

HarborGuard Analysis

Synopsis

An unauthenticated arbitrary file write vulnerability exists in the Feast Feature Server's /save-document endpoint. The flaw is reachable over the network with no credentials required, as path-restriction protections in the endpoint can be bypassed by a remote attacker. Successful exploitation allows an attacker to overwrite application configuration files or startup scripts, exhaust disk space, or achieve remote code execution. A patched-image rebuild at version 0.59.0 is available on HarborGuard for environments running an affected version.

HarborGuard Coverage

Detection

Detection of CVE-2026-23537 is available across every HarborGuard environment, with the CVE matched against customer images within minutes of publication from upstream feeds including the Red Hat CNA advisory. Coverage extends to custom-built images that bundle Feast Feature Server components, not only official upstream images.

Available
Triage

Triage is available with a CVSS v3.1 score of 9.1 (Critical), weighted further against each customer's per-environment compliance policy to determine urgency and routing. Findings are surfaced to the appropriate team inbox within each customer org based on workload ownership and policy configuration.

Available
Patch

A patched-image rebuild at Feast 0.59.0 becomes available on HarborGuard for any environment where an affected image is detected. For customers with auto-remediation enabled, HarborGuard triggers a rebuild, runs a regression test suite against the new image, and opens a PR against affected workloads automatically.

Available

Exploit Conditions

  • Network reachabilityRequired

    The attacker must reach the Feast Feature Server over the network; the vulnerable endpoint is exposed as an HTTP service.

  • AuthenticationNot required

    No credentials or account of any privilege level are needed to reach or exploit the /save-document endpoint.

  • Victim interactionNot required

    The attacker operates entirely without any action from a legitimate user or administrator.

  • Attack complexityDetail

    The exploit is reliable and condition-free; no race conditions, memory layout dependencies, or environmental factors need to be satisfied.

Blast Radius

  • Overwrites application configuration files or startup scripts, enabling persistent unauthorized system modifications.
  • Writes arbitrary files to disk until storage is exhausted, crashing dependent services through denial of disk space.
  • Replaces startup scripts or configuration with attacker-controlled content, creating a path to remote code execution on the host.
  • Disrupts the integrity of the Feature Server and any ML pipelines or model-serving workflows that depend on its configuration state.

How HarborGuard Handles This

Available on HarborGuard: detection of this Critical-severity vulnerability is matched against customer images within minutes of the advisory publication, including images built internally that package Feast Feature Server. Where compliance policy permits, a patched-image rebuild at Feast 0.59.0 is generated automatically. For customers who opt into auto-remediation, HarborGuard runs a full rebuild, executes a regression test pass against the resulting image, and opens a PR against affected workloads; for high and critical severity issues, median time from CVE publication to a merged patch PR is around 90 minutes in environments with auto-remediation enabled. Customers not using auto-remediation receive a prioritized finding routed to the appropriate team inbox for manual action. Because the endpoint requires no authentication and is network-exposed, customers running affected versions are encouraged to apply network-policy controls to restrict access to the /save-document endpoint as a compensating control until the patched image is deployed.

See how HarborGuard automates this

Fix available

0.59.0
Affected packages
  • Feast / Feast Feature Server
    < 0.59.0 (from 0)
  • Red Hat / Red Hat OpenShift AI (RHOAI)
  • Red Hat / Red Hat OpenShift AI (RHOAI)
  • Red Hat / Red Hat OpenShift AI (RHOAI)
  • Red Hat / Red Hat OpenShift AI (RHOAI)
  • Red Hat / Red Hat OpenShift AI (RHOAI)
  • Red Hat / Red Hat OpenShift AI (RHOAI)
  • Red Hat / Red Hat OpenShift AI (RHOAI)
  • Red Hat / Red Hat OpenShift AI (RHOAI)
  • Red Hat / Red Hat OpenShift AI (RHOAI)
  • Red Hat / Red Hat OpenShift AI (RHOAI)
  • Red Hat / Red Hat OpenShift AI (RHOAI)
  • Red Hat / Red Hat OpenShift AI (RHOAI)
  • Red Hat / Red Hat OpenShift AI (RHOAI)
  • Red Hat / Red Hat OpenShift AI (RHOAI)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H