CVE-2025-64513
Published: 2025-11-10
Priority: P2 (70) · Severity: critical · CVSS 4.0 base score: 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
(network-reachable, low attack complexity, no privileges or user interaction required, high confidentiality, integrity and availability impact on the vulnerable system, no subsequent-system impact; the threat, environmental and supplemental metrics are not defined)
EPSS: 1.05% (60.1th percentile)
Milvus is an open-source vector database built for generative AI applications. An unauthenticated attacker can exploit a vulnerability in versions prior to 2.4.24, 2.5.21, and 2.6.5 to bypass all authentication mechanisms in the Milvus Proxy component, gaining full administrative access to the Milvus cluster. This grants the attacker the ability to read, modify, or delete data, and to perform privileged administrative operations such as database or collection management. This issue has been fixed in Milvus 2.4.24, 2.5.21, and 2.6.5. If immediate upgrade is not possible, a temporary mitigation can be applied by removing the sourceID header from all incoming requests at the gateway, API gateway, or load balancer level before they reach the Milvus Proxy. This prevents attackers from exploiting the authentication bypass behavior.
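The header-stripping mitigation described above, as an added example that is not part of the advisory or of the Milvus project: an Envoy front-proxy configuration that forwards gRPC traffic to Milvus Proxy and removes any client-supplied `sourceID` metadata before it reaches the proxy. The upstream hostname `milvus-proxy.internal`, the listener port and the cluster name are assumptions. gRPC metadata is carried as HTTP/2 headers, which are case-insensitive and lowercased on the wire, so the name to remove is `sourceid`; this also catches a client that sends `SourceID` or `SOURCEID`.

```yaml
# Added example (not Milvus project configuration). Envoy v3 static config that
# sits in front of Milvus Proxy and drops the client-supplied sourceID metadata.
# Assumed names: milvus-proxy.internal, cluster milvus_proxy, port 19530.
static_resources:
  listeners:
  - name: milvus_ingress
    address:
      socket_address: { address: 0.0.0.0, port_value: 19530 }
    filter_chains:
    - filters:
      - name: envoy.filters.network.http_connection_manager
        typed_config:
          "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
          stat_prefix: milvus_ingress
          codec_type: AUTO            # gRPC clients negotiate HTTP/2
          route_config:
            name: milvus_routes
            virtual_hosts:
            - name: milvus
              domains: ["*"]
              # Mitigation for CVE-2025-64513: strip the header on every route
              # handled by this virtual host. Envoy matches header names
              # case-insensitively and stores them lowercased, so "sourceid"
              # covers any spelling a client uses.
              request_headers_to_remove:
              - sourceid
              routes:
              - match: { prefix: "/" }
                route:
                  cluster: milvus_proxy
                  timeout: 0s         # do not cut long-running gRPC streams
          http_filters:
          - name: envoy.filters.http.router
            typed_config:
              "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
  clusters:
  - name: milvus_proxy
    type: STRICT_DNS
    # Milvus Proxy speaks gRPC, so the upstream connection must be HTTP/2.
    typed_extension_protocol_options:
      envoy.extensions.upstreams.http.v3.HttpProtocolOptions:
        "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions
        explicit_http_config:
          http2_protocol_options: {}
    load_assignment:
      cluster_name: milvus_proxy
      endpoints:
      - lb_endpoints:
        - endpoint:
            address:
              socket_address: { address: milvus-proxy.internal, port_value: 19530 }
```

If the gateway is nginx rather than Envoy, `grpc_set_header sourceid "";` in the `location` that proxies to Milvus has the same effect, since nginx drops a gRPC header whose value is set to the empty string. In either case the workaround only holds if the gateway is the sole path to the proxy port: a client that can reach Milvus Proxy directly (for example from inside the cluster network) still bypasses authentication, so pair the header rule with a network policy that restricts the proxy port to the gateway, and treat it as a stopgap until the patched versions are deployed.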
Affected (8 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | milvus-io_milvus | >= 0 < 0.10.3-0.20251107071934-6102f001a971 | 0.10.3-0.20251107071934-6102f001a971 |
| github.com | milvus-io_milvus | >= 0.10.4 < 2.4.24 | 2.4.24 |
| github.com | milvus-io_milvus | >= 0.10.4 | — |
| github.com | milvus-io_milvus | >= 2.5.0 < 2.5.21 | 2.5.21 |
| github.com | milvus-io_milvus | >= 2.6.0 < 2.6.5 | 2.6.5 |
| milvus-io | milvus | < 2.4.24 | 2.4.24 |
| milvus-io | milvus | — | — |
| milvus-io | milvus | — | — |
OSV
CVE-2025-64513: Milvus Proxy has a Critical Authentication Bypass Vulnerability in github.com/milvus-io/milvus
osv·2025-11-17
NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.
(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)
The additional affected modules and versions are: github.com/milvus-io/milvus before v2.4.24, from v2.5.0 before v2.5.21, from v2.6.0 before v2.6.5.
OSV
CVE-2025-64513 [CRITICAL] Milvus Proxy has a Critical Authentication Bypass Vulnerability
osv·2025-11-13
### Impact
_What kind of vulnerability is it? Who is impacted?_
An unauthenticated attacker can exploit this vulnerability to bypass all authentication mechanisms in the Milvus Proxy component, gaining full administrative access to the Milvus cluster.
This grants the attacker the ability to read, modify, or delete data, and to perform privileged administrative operations such as database or collection management.
All users running affected Milvus versions are strongly advised to upgrade immediately.
### Patches
_Has the problem been patched? What versions should users upgrade to?_
This issue has been fixed in the following versions:
• Milvus 2.4.24
• Milvus 2.5.21
• Milvus 2.6.5
Users should upgrade to one of these patched versions.
GHSA
CVE-2025-64513 [CRITICAL] CWE-287 (Improper Authentication) Milvus Proxy has a Critical Authentication Bypass Vulnerability
ghsa·2025-11-13
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.