CVE-2026-49991 - RustFS Snowball Auto-Extract: Path Traversal allows cross-bucket object injection
CVE ID :CVE-2026-49991 Published : June 26, 2026, 8:01 p.m. | 5 hours, 10 minutes ago Description :RustFS is a distributed object storage system built in Rust. In 1.0.0-beta.4, authenticated users with only PutObject permission on their own bucket can exploit a path traversal vulnerability in...