CVE-2026-44283
Published 2026-05-14
Priority P4 · Severity medium · CVSS 3.1 base score 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
EPSS 0.22% (13.0th percentile)
etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user without sufficient read or lease-related permissions may be able to access unauthorized data or attach leases by invoking transaction operations with these features enabled. This vulnerability is fixed in 3.4.44, 3.5.30, and 3.6.11.
Affected (13 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| etcd-io | etcd | < 3.4.44 | 3.4.44 |
| etcd-io | etcd | — | — |
| etcd-io | etcd | — | — |
| etcd | etcd | < 3.4.44 | 3.4.44 |
| etcd | etcd | — | — |
| etcd | etcd | >= 3.5.0 < 3.5.30 | 3.5.30 |
| etcd | etcd | >= 3.6.0 < 3.6.11 | 3.6.11 |
| go.etcd.io | etcd | >= 0 < 3.4.44 | 3.4.44 |
| go.etcd.io | etcd_v3 | >= 3.5.0 < 3.5.30 | 3.5.30 |
| go.etcd.io | etcd_v3 | >= 3.6.0 < 3.6.11 | 3.6.11 |
| openshift4 | ose-etcd-rhel9 | — | — |
| rhosp-rhel8 | openstack-etcd | — | — |
| rhosp-rhel9 | openstack-etcd | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
| vendor_redhat | — | 4.3 | MEDIUM | — |
Red Hat
etcd: etcd: Authenticated user can bypass RBAC for unauthorized data access
vendor_redhat · 2026-05-14 · CVSS 4.3 · CVE-2026-44283 [MEDIUM] · CWE-639
A flaw was found in etcd, a distributed key-value store. An authenticated user, without sufficient read or lease-related permissions, could bypass Role-Based Access Control (RBAC) authorization c
VulDB
etcd-io etcd up to 3.4.43/3.5.29/3.6.10 Attachments authorization
vuldb · 2026-05-14 · CVSS 4.3 · CVE-2026-44283 [NONE]
A vulnerability described as problematic has been identified in etcd-io etcd up to 3.4.43/3.5.29/3.6.10. The impacted element is an unknown function of the component Attachments Handler. The manipulation results in incorrect authorization.
This vulnerability is reported as CVE-2026-44283. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is recommended.
GHSA
etcd RBAC bypass allows unauthorized data access via PrevKv/lease attachment in nested transaction Put requests
ghsa · 2026-05-07 · CVE-2026-44283 [LOW] · CWE-863
### Impact
A vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user without sufficient read or lease-related permissions may be able to access unauthorized data or attach leases by invoking transaction operations with these features enabled.
Kubernetes does not rely on etcd’s built-in authentication and authorization. Instead, the API server handles authentication and authorization itself, so typical Kubernetes deployments are not affected.
### Patches
_Has the problem been patched? What versions shoul
No detection rules found.
No public exploits indexed.