CVE-2023-28432

Exploited in the Wild ✓ Confirmed 0-Day

Triaged: March 20, 2026 3 articles

VulnLookup ↗ NVD ↗ MITRE ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

94.06%

probability

This CVE has a 94.06% probability of being exploited in the next 30 days.

0% Top 99.9th percentile of all CVEs 100%

CVSS score unavailable

Neither CIRCL nor NVD returned a CVSS score for this CVE. View on VulnerabilityLookup ↗

Attack Intelligence

CWE-200 · Information Exposure CWE-664 · Improper Control of a Resource Through its Lifetime CWE-668 · Exposure of Resource to Wrong Sphere

Exploits & PoC

MzzdToT/CVE-2023-28432

MinIO敏感信息泄露漏洞批量扫描poc&exp

acheiii/CVE-2023-28432

CVE-2023-28432 POC

Cuerz/CVE-2023-28432

CVE-2023-28432 MinIO敏感信息泄露检测脚本

Chocapikk/CVE-2023-28432

Automated vulnerability scanner for CVE-2023-28432 in Minio deployments, revealing sensitive environment variables.

Okaytc/minio_unauth_check

CVE-2023-28432,minio未授权访问检测工具

yTxZx/CVE-2023-28432

PoC CVE-2023-28432 — yTxZx/CVE-2023-28432

steponeerror/Cve-2023-28432-

通过vulhub的复现过程实现了，基本的批量检测。比较垃圾但是勉强能用

BitWiz4rd/CVE-2023-28432

PoC MinIO vulnerability exploit

8 repos — triés par ⭐ Rechercher sur GitHub ↗

Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability

TheHackerNews

CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug

TheHackerNews

Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers

TheHackerNews

Signal Intelligence

Confidenceⓘ

78%

EPSS 94.06%

Mentions 3

CNA Information

Analyst Note

CVE-2023-28432 is explicitly named in CISA KEV catalog addition article as actively exploited in the wild. MinIO vulnerability with CVSS 7.5 showing real-world weaponization and compromise of servers. Strong evidence of in-the-wild exploitation documented in multiple sources.

Triage Info

Decided atMar 20, 2026