Cyber Posture

CVE-2026-25628

High · Public PoC

Published: 06 February 2026

Modified: 19 February 2026
CVSS Score: 8.5 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)
EPSS Score: 0.0002 (7.0th percentile)
Risk Priority: 17 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-25628 is a high-severity External Control of File Name or Path (CWE-73) vulnerability in Qdrant. Its CVSS base score is 8.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 7.0th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 2 other techniques.
What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

prevent

Directly prevents exploitation by requiring validation of attacker-controlled on_disk.log_file paths at the /logger endpoint to block arbitrary file appends.

prevent

Mitigates the vulnerability through timely flaw remediation by applying the patch released in Qdrant 1.16.0.

prevent

Limits damage from read-only access exploitation by enforcing least privilege on users and processes handling file operations.

MITRE ATT&CK Enterprise Techniques

T1190 · Exploit Public-Facing Application · Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1105 · Ingress Tool Transfer · Command and Control
Adversaries may transfer tools or other files from an external system into a compromised environment.

T1565.001 · Stored Data Manipulation · Impact
Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.

Why these techniques?

The CVE describes a network-reachable arbitrary file append in a public Qdrant service (T1190), which directly enables writing attacker-controlled data to any path (T1105 ingress tool transfer, T1565.001 stored data manipulation).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Qdrant is a vector similarity search engine and vector database. From 1.9.3 to before 1.16.0, it is possible to append to arbitrary files via /logger endpoint using an attacker-controlled on_disk.log_file path. Minimal privileges are required (read-only access). This vulnerability is fixed in 1.16.0.

Deeper analysis

CVE-2026-25628 is a vulnerability in Qdrant, an open-source vector similarity search engine and vector database, affecting versions from 1.9.3 up to but not including 1.16.0. It enables attackers to append data to arbitrary files through the /logger endpoint by supplying a maliciously controlled on_disk.log_file path, stemming from improper handling of externally controlled file paths (CWE-73).

Exploitation requires low privileges, specifically read-only access (PR:L), and can be performed over the network (AV:N) with no user interaction (UI:N), though it demands high attack complexity (AC:H). Successful attacks result in high impacts to confidentiality, integrity, and availability (C:H/I:H/A:H) with a changed scope (S:C), earning a CVSS v3.1 base score of 8.5.

Qdrant addressed the issue in version 1.16.0, as detailed in their GitHub security advisory (GHSA-f632-vm87-2m2f) and the fixing commit. The vulnerable code is in the service_api.rs file around line 195, where the patch prevents the arbitrary file append behavior.
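
One way to apply the SI-10 path validation named above to a client-supplied log file path, as an added Rust example; it is not Qdrant's code and not the 1.16.0 patch. The function name `confine_log_path` and the idea of a fixed, operator-configured log directory are assumptions made for illustration.

```rust
use std::fs;
use std::io;
use std::path::{Component, Path, PathBuf};

/// Resolve a client-supplied log file path inside `log_root` and refuse
/// anything that would land outside it. `log_root` is an assumed,
/// operator-configured directory; neither name comes from Qdrant.
pub fn confine_log_path(log_root: &Path, requested: &str) -> io::Result<PathBuf> {
    let deny = |why: &str| io::Error::new(io::ErrorKind::PermissionDenied, why.to_string());
    let req = Path::new(requested);
    // Lexical check: only plain relative components, so no root, no "..", no "./".
    if requested.is_empty() || !req.components().all(|c| matches!(c, Component::Normal(_))) {
        return Err(deny("log_file must be a plain relative path"));
    }
    let root = fs::canonicalize(log_root)?;
    let candidate = root.join(req);
    // Filesystem check: resolve the parent directory so a symlinked
    // subdirectory cannot redirect the append outside the root.
    let parent = candidate.parent().ok_or_else(|| deny("log_file has no parent"))?;
    let real_parent = fs::canonicalize(parent)?;
    if !real_parent.starts_with(&root) {
        return Err(deny("log_file resolves outside the log directory"));
    }
    let name = candidate.file_name().ok_or_else(|| deny("log_file has no file name"))?;
    let resolved = real_parent.join(name);
    // An existing symlink as the final component would also redirect the write.
    if let Ok(meta) = fs::symlink_metadata(&resolved) {
        if meta.file_type().is_symlink() {
            return Err(deny("log_file is a symlink"));
        }
    }
    Ok(resolved)
}

fn main() -> io::Result<()> {
    // Constructed sample inputs, checked against a scratch directory.
    let root = std::env::temp_dir().join("confine_log_path_demo");
    fs::create_dir_all(&root)?;
    for requested in ["qdrant.log", "../outside.log", "/var/tmp/elsewhere.log"] {
        match confine_log_path(&root, requested) {
            Ok(p) => println!("allow {requested:?} -> {}", p.display()),
            Err(e) => println!("deny  {requested:?}: {e}"),
        }
    }
    Ok(())
}
```

The check and the later file open are separate steps, so the log directory itself must not be writable by untrusted users for the result to hold.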

Details

CWE(s)

Affected Products

qdrant
qdrant
1.9.3 — 1.16.0

CVEs Like This One

CVE-2026-26359 · Shared CWE-73
CVE-2025-65115 · Shared CWE-73
CVE-2025-10134 · Shared CWE-73
CVE-2025-65473 · Shared CWE-73
CVE-2025-66254 · Shared CWE-73
CVE-2026-26360 · Shared CWE-73
CVE-2025-12529 · Shared CWE-73
CVE-2025-66257 · Shared CWE-73
CVE-2026-5809 · Shared CWE-73
CVE-2025-58762 · Shared CWE-73

References