CVE Catalog

CVE-2026-59092

HighCVSS 7.7
Published: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.27%

18th percentile — higher than 18% of all known CVEs

Summary

JuiceFS through version 1.3.1 contains an authentication bypass vulnerability. Unauthenticated remote attackers can access sensitive debug and metrics endpoints by exploiting improper handler registration on the shared http.DefaultServeMux. Attackers can retrieve the process command line containing metadata engine connection strings with database credentials, gaining full read/write access to the filesystem metadata.

Risk Assessment

The risk for the organization includes leakage of database credentials for the metadata engine, leading to unauthorized read and write access to the JuiceFS filesystem. Additionally, internal state leakage and the potential for Denial of Service (DoS) attacks via profiling handlers pose serious threats to system integrity and availability.

Recommendation

Immediately upgrade JuiceFS to a version containing commit a46979c or later. If an upgrade is not possible, restrict access to the /debug/pprof/ endpoints using a firewall or authentication at the proxy level.

Original NVD description (English source)

JuiceFS through 1.3.1, fixed in commit a46979c, contains an authentication bypass vulnerability that allows unauthenticated remote attackers to access sensitive debug and metrics endpoints by exploiting improper handler registration on the shared http.DefaultServeMux. Attackers can request the /debug/pprof/cmdline endpoint to obtain the process command line containing metadata engine connection strings with database credentials, granting full read/write access to filesystem metadata, while other pprof handlers leak internal state and profiling handlers enable denial of service.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS