Description
RustFS is a distributed object storage system built in Rust. From versions alpha.13 to alpha.81, RustFS logs sensitive credential material (access key, secret key, session token) to application logs at INFO level. This results in credentials being recorded in plaintext in log output, which may be accessible to internal or external log consumers and could lead to compromise of sensitive credentials. This issue has been patched in version alpha.82.
INFO
Published Date :
2026-02-03T16:06:17.699Z
Last Modified :
2026-02-03T17:11:10.897Z
Source :
GitHub_M
AFFECTED PRODUCTS
The following products are affected by CVE-2026-24762 vulnerability.
| Vendors | Products |
|---|---|
| Rustfs |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2026-24762.
CVSS Vulnerability Scoring System
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact