{"id":"GO-2026-4567","summary":"Vitess users can gain unauthorized access to production deployment environments in vitess.io/vitess","details":"Vitess users with backup storage access can gain unauthorized access to production deployment environments in vitess.io/vitess","aliases":["CVE-2026-27965","GHSA-8g8j-r87h-p36x"],"modified":"2026-03-23T04:52:44.619714Z","published":"2026-03-10T18:28:01Z","database_specific":{"url":"https://pkg.go.dev/vuln/GO-2026-4567","review_status":"REVIEWED"},"references":[{"type":"ADVISORY","url":"https://github.com/vitessio/vitess/security/advisories/GHSA-8g8j-r87h-p36x"},{"type":"WEB","url":"https://github.com/vitessio/vitess/commit/4c0173293907af9cb942a6683c465c3f1e9fdb5c"},{"type":"WEB","url":"https://github.com/vitessio/vitess/issues/19459"},{"type":"WEB","url":"https://github.com/vitessio/vitess/pull/19460"}],"affected":[{"package":{"name":"vitess.io/vitess","ecosystem":"Go","purl":"pkg:golang/vitess.io/vitess"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.22.4"},{"introduced":"0.23.0"},{"fixed":"0.23.3"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2026-4567.json"}}],"schema_version":"1.7.5"}