PatchSiren cyber security CVE debrief
CVE-2026-11569 Red Hat CVE debrief
CVE-2026-11569 is a MEDIUM severity vulnerability in Quay's filedrop endpoint. The endpoint accepts any MIME type without validation, allowing an authenticated user with repository write access to upload a malicious SVG file containing JavaScript. The file is stored and served inline through the CDN, enabling stored cross-site scripting when a victim visits the archive URL. The CVSS score for this vulnerability is 5.4.
- Vendor: Red Hat
- Product: Red Hat Quay 3
- CVSS: MEDIUM 5.4
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-08
- Original CVE updated: 2026-06-08
- Advisory published: 2026-06-08
- Advisory updated: 2026-06-08
Who should care
Operators and users of Red Hat Quay should be aware of this vulnerability, particularly where repository write access is granted broadly, since any authenticated account with that access can upload the malicious file.
Technical summary
The filedrop endpoint in Quay does not validate MIME types, allowing authenticated users with repository write access to upload malicious SVG files containing JavaScript. Because the stored file is served inline through the CDN, the JavaScript executes in the browser of any victim who visits the archive URL, enabling stored cross-site scripting.
Defensive priority
MEDIUM
Recommended defensive actions
- Update Quay to a version that validates MIME types for uploaded files.
- Restrict repository write access to trusted users.
- Use a Web Application Firewall (WAF) to detect and prevent cross-site scripting attacks.
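The first two actions above describe validating what a filedrop endpoint accepts and how it is served. The following is an added example, not Quay's code, of an upload check that determines the real content type from the bytes rather than the client's header, rejects types a browser would execute inline (SVG, HTML), and emits download-only serving headers; the allow-list and function names are assumptions for illustration.

```python
# Added example, not Quay's code: a filedrop-style upload check that refuses
# content a browser would execute inline, plus download-only serving headers.
# The handler, allow-list and function names are assumptions for illustration.

# Types this hypothetical filedrop is willing to store.
ALLOWED_MIME = {"application/gzip", "application/zip", "image/png", "image/jpeg"}

# Types a browser renders inline and in which script can run.
ACTIVE_CONTENT = {"image/svg+xml", "text/html", "application/xhtml+xml"}


def sniff_mime(data: bytes) -> str:
    """Derive the real type from the bytes; the client's header is not trusted."""
    if data.startswith(b"\x89PNG\r\n\x1a\n"):
        return "image/png"
    if data.startswith(b"\xff\xd8\xff"):
        return "image/jpeg"
    if data.startswith(b"\x1f\x8b"):
        return "application/gzip"
    if data.startswith(b"PK\x03\x04"):
        return "application/zip"
    head = data[:2048].lower()
    if b"<svg" in head:
        return "image/svg+xml"
    if b"<html" in head or b"<!doctype html" in head:
        return "text/html"
    return "application/octet-stream"


def validate_upload(declared_mime: str, data: bytes) -> tuple:
    """Accept only an allow-listed type whose bytes agree with the declaration."""
    actual = sniff_mime(data)
    if actual in ACTIVE_CONTENT:
        return False, f"rejected: content is {actual}, which can carry script"
    if declared_mime not in ALLOWED_MIME:
        return False, f"rejected: {declared_mime} is not allow-listed"
    if actual != declared_mime:
        return False, f"rejected: declared {declared_mime}, content is {actual}"
    return True, actual


def serving_headers(filename: str) -> dict:
    """Headers for stored files so the browser downloads rather than renders them."""
    safe_name = filename.replace('"', "").replace("\r", "").replace("\n", "")
    return {
        "Content-Type": "application/octet-stream",
        "Content-Disposition": f'attachment; filename="{safe_name}"',
        "X-Content-Type-Options": "nosniff",
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }
```

Even with the upload check in place, serving user files with `Content-Disposition: attachment` and `nosniff` means a file that slips through is downloaded rather than rendered in the site's origin.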
Evidence notes
The CVE-2026-11569 record was published on [cve.org](https://www.cve.org/CVERecord?id=CVE-2026-11569) and carries a CVSS score of 5.4. Additional information can be found on [NVD](https://nvd.nist.gov/vuln/detail/CVE-2026-11569).
Official resources
CVE-2026-11569 was published on 2026-06-08T12:16:31.730Z and modified on 2026-06-08T14:57:49.490Z.