Product
A high-severity vulnerability (CVE-2026-54457) in the TensorZero Gateway's `/internal/object_storage` endpoint allows attackers to achieve arbitrary file reading from the gateway filesystem and Server-Side Request Forgery (SSRF) by manipulating the `storage_path` parameter, potentially leading to credential exposure and internal network reconnaissance.