etcd RBAC Bypass via PrevKv/Lease in Tx Ops (3.4.43,3.5.29,3.6.10)
CVE-2026-44283 Published on May 14, 2026
etcd: Read access via PrevKv in etcd transactions may bypass RBAC authorization checks
etcd is a distributed key-value store for the data of a distributed system. Prior to 3.4.44, 3.5.30, and 3.6.11, a vulnerability in etcd allows read access via PrevKv, or lease attachment in Put requests within transaction operations, to bypass RBAC authorization checks. An authenticated user without sufficient read or lease-related permissions may be able to access unauthorized data or attach leases by invoking transaction operations with these features enabled. This vulnerability is fixed in 3.4.44, 3.5.30, and 3.6.11.
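The class of check described above, as an added example that is not etcd's code: a simplified Go model in which a Put inside a transaction is authorized on write permission alone, shown beside a check that also covers the read implied by PrevKv and the lease attachment. All type and function names, the sample keys, and the lease rule (write permission on every key the lease already holds) are assumptions of this model.

```go
package main

import "fmt"

// Simplified model, not etcd's code: every name here is hypothetical.
type Perms struct {
	Read, Write map[string]bool // keys the user may read / write
}

type PutOp struct {
	Key    string
	PrevKv bool  // the response returns the previous value of Key (a read)
	Lease  int64 // 0 means no lease is attached
}

// Leases maps a lease ID to the keys already attached to it (assumed rule: see strict check).
type Leases map[int64][]string

// checkTxnPutWeak models the gap described above: only write permission is checked.
func checkTxnPutWeak(p Perms, _ Leases, op PutOp) error {
	if !p.Write[op.Key] {
		return fmt.Errorf("write denied: %s", op.Key)
	}
	return nil
}

// checkTxnPutStrict also checks the permissions implied by PrevKv and Lease.
func checkTxnPutStrict(p Perms, l Leases, op PutOp) error {
	if err := checkTxnPutWeak(p, l, op); err != nil {
		return err
	}
	if op.PrevKv && !p.Read[op.Key] {
		return fmt.Errorf("read denied (PrevKv): %s", op.Key)
	}
	for _, k := range l[op.Lease] { // assumed rule: user must be able to write every key on the lease
		if !p.Write[k] {
			return fmt.Errorf("lease %d holds key %s the user cannot write", op.Lease, k)
		}
	}
	return nil
}

func main() {
	// Constructed sample: a write-only user and a lease holding someone else's key.
	p := Perms{Read: map[string]bool{}, Write: map[string]bool{"/app/cfg": true}}
	l := Leases{7: {"/other/secret"}}
	for _, op := range []PutOp{{Key: "/app/cfg"}, {Key: "/app/cfg", PrevKv: true}, {Key: "/app/cfg", Lease: 7}} {
		fmt.Printf("%+v weak=%v strict=%v\n", op, checkTxnPutWeak(p, l, op), checkTxnPutStrict(p, l, op))
	}
}
```

The same table of constructed operations works as a regression test for any authorization layer that sits in front of transaction requests: each optional feature of an operation should map to an explicit permission check.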
Vulnerability Analysis
CVE-2026-44283 can be exploited with network access and does not require authorization privileges or user interaction. The vulnerability is considered to have low attack complexity. An exploit of this vulnerability is considered to have no impact on confidentiality, integrity, or availability.
Weakness Type
What is an AuthZ Vulnerability?
The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
CVE-2026-44283 has been classified as an AuthZ vulnerability or weakness.
Affected Versions
etcd-io etcd:
- Version < 3.4.44 is affected.
- Version >= 3.5.0, <= 3.5.29 is affected.
- Version >= 3.6.0, <= 3.6.10 is affected.