Cyber Posture

CVE-2026-23536

High

Published: 20 March 2026

Published
20 March 2026
Modified
23 March 2026
KEV Added
Patch
CVSS Score 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.0010 27.5th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-23536 is a high-severity Path Traversal (CWE-22) vulnerability. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 27.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match
prevent

Directly validates inputs to the /read-document endpoint to block path traversal payloads that bypass file access restrictions.

SI-2 Flaw Remediation good match
prevent

Remediates the specific path traversal flaw in the Feast Feature Server through timely patching as referenced in vendor advisories.

AC-6 Least Privilege good match
prevent

Enforces least privilege on the server process to restrict access to sensitive files, limiting damage from successful path traversal exploitation.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
attack.mitre.org →
Why these techniques?

Path traversal in public-facing /read-document endpoint directly enables remote file read (T1190) and arbitrary local data access (T1005).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A security issue was discovered in the Feast Feature Server's `/read-document` endpoint that allows an unauthenticated remote attacker to read any file accessible to the server process. By sending a specially crafted HTTP POST request, an attacker can bypass intended…

more

access restrictions to potentially retrieve sensitive system files, application configurations, and credentials.

Deeper analysisAI

CVE-2026-23536 is a path traversal vulnerability (CWE-22) in the Feast Feature Server's `/read-document` endpoint. It affects the Feast Feature Server, allowing an unauthenticated remote attacker to read any file accessible to the server process. The issue, published on 2026-03-20, stems from the ability to send a specially crafted HTTP POST request that bypasses intended access restrictions, with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

An unauthenticated attacker with network access can exploit this vulnerability by crafting and sending a malicious HTTP POST request to the `/read-document` endpoint. Successful exploitation enables the retrieval of sensitive system files, application configurations, and credentials accessible to the server process, resulting in high confidentiality impact without requiring privileges, user interaction, or scope changes.

Red Hat security advisories provide details on this CVE, available at https://access.redhat.com/security/cve/CVE-2026-23536, along with the associated Bugzilla entry at https://bugzilla.redhat.com/show_bug.cgi?id=2429302, which likely include information on patches and mitigation steps.

Details

CWE(s)
CWE-22

CVEs Like This One

CVE-2025-23422Shared CWE-22
CVE-2025-8343Shared CWE-22
CVE-2025-10559Shared CWE-22
CVE-2025-67076Shared CWE-22
CVE-2026-5258Shared CWE-22
CVE-2025-25155Shared CWE-22
CVE-2024-51376Shared CWE-22
CVE-2024-13471Shared CWE-22
CVE-2026-27442Shared CWE-22
CVE-2025-8054Shared CWE-22

References