CVE-2026-33419 | MinIO up to 0.0.0-20260212201848-7aac2a2c5b7c Security Token Service AccessKeyId/SecretAccessKey/SessionToken information exposure (GHSA-jv87-32hw-hh99)

A vulnerability identified as problematic has been detected in MinIO up to 0.0.0-20260212201848-7aac2a2c5b7c. This issue affects some unknown processing of the component Security Token Service. The manipulation of the argument AccessKeyId/SecretAccessKey/SessionToken leads to information exposure through error message.

This vulnerability is uniquely identified as CVE-2026-33419. The attack is possible to be carried out remotely. Moreover, an exploit is present.

It is suggested to install a patch to address this issue.

CVE-2026-33419 | MinIO up to 0.0.0-20260212201848-7aac2a2c5b7c Security Token Service AccessKeyId/SecretAccessKey/SessionToken information exposure (GHSA-jv87-32hw-hh99)

Post correlati

CVE-2024-56609 | Linux Kernel up to 6.12.4 net/mac80211/main.c ieee80211_purge_tx_queue Privilege Escalation

CVE-2025-58073 | Mattermost up to 10.5.10/10.10.2/10.11.1 Team authorization

CVE-2026-28342 | OliveTin PasswordHash API Endpoint resource consumption

CVE-2024-1276 | wpdevteam Essential Addons for Elementor Plugin up to 5.9.8 on WordPress Content Ticker arrow cross site scripting