CVE-2025-64513: Milvus is an open-source vector database built for generative AI applications. An unauthenticated attacker can exploit a
Summary
Milvus, an open-source vector database (a specialized database that stores and searches data based on similarity patterns, used in AI applications), has a critical vulnerability in older versions that allows attackers to skip authentication and gain full admin control over the database without needing a password. This means attackers could read, change, or delete any data and perform administrative tasks like managing databases.
Solution / Mitigation
Upgrade to Milvus versions 2.4.24, 2.5.21, or 2.6.5. Alternatively, if upgrading immediately is not possible, remove the sourceID header from all incoming requests at the gateway, API gateway, or load balancer level before requests reach the Milvus Proxy component. This prevents attackers from exploiting the authentication bypass.
Vulnerability Details
EPSS: 0.1%
Classification
Affected Vendors
Related Issues
CVE-2024-37052: Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling
CVE-2026-26190: Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus expose
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-64513
First tracked: February 15, 2026 at 08:48 PM
Classified by LLM (prompt v3) · confidence: 95%