| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-4166 | Vault May Include Sensitive Data in Error Logs When Using the KV v2 Plugin | HashiCorp | Vault | Medium | 4.5 | 2025-05-02 14:57:59 | Deep Dive |
| CVE-2025-31101 | WordPress VaultRE Contact Form 7 plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability | Vault Group Pty Ltd | VaultRE Contact Form 7 | Medium | 5.9 | 2025-03-27 22:25:04 | Deep Dive |
| CVE-2024-8185 | Vault Vulnerable to Denial of Service When Processing Raft Join Requests | HashiCorp | Vault | High | 7.5 | 2024-10-31 15:14:55 | Deep Dive |
| CVE-2024-9180 | Vault Operators in Root Namespace May Elevate Their Privileges | HashiCorp | Vault | High | 7.2 | 2024-10-10 20:54:57 | Deep Dive |
| CVE-2024-7594 | Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default | HashiCorp | Vault | High | 7.5 | 2024-09-26 19:52:56 | Deep Dive |
| CVE-2024-8365 | Vault Leaks AppRole Client Tokens And Accessor in Audit Log | HashiCorp | Vault | Medium | 6.2 | 2024-09-02 01:30:57 | Deep Dive |
| CVE-2022-4536 | IP Vault – WP Firewall <= 1.1 - IP Address Spoofing to Protection Mechanism Bypass | youtag | Two-factor authentication (formerly IP Vault) | Medium | 5.3 | 2024-08-31 08:35:18 | Deep Dive |
| CVE-2024-6468 | Vault Vulnerable to Denial of Service When Setting a Proxy Protocol Behavior | HashiCorp | Vault | High | 7.5 | 2024-07-11 20:40:12 | Deep Dive |
| CVE-2024-5798 | Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims | HashiCorp | Vault | Low | 2.6 | 2024-06-12 18:55:25 | Deep Dive |
| CVE-2024-2877 | Vault Enterprise Leaks Sensitive HTTP Request Headers in the Audit Log When Deployed With a Performance Standby Node | HashiCorp | Vault Enterprise | Medium | 5.5 | 2024-04-30 14:58:10 | Deep Dive |
| CVE-2024-2660 | Vault TLS Cert Auth Method Did Not Correctly Validate OCSP Responses | HashiCorp | Vault | Medium | 6.4 | 2024-04-04 17:55:20 | Deep Dive |
| CVE-2024-2048 | Vault Cert Auth Method Did Not Correctly Validate Non-CA Certificates | HashiCorp | Vault | High | 8.1 | 2024-03-04 19:56:47 | Deep Dive |
| CVE-2024-20911 | Oracle Audit Vault and Database Firewall 安全漏洞 | Oracle Corporation | Audit Vault and Database Firewall | Low | 2.6 | 2024-02-17 01:50:09 | Deep Dive |
| CVE-2024-20909 | Oracle Audit Vault and Database Firewall 安全漏洞 | Oracle Corporation | Audit Vault and Database Firewall | High | 7.5 | 2024-02-17 01:50:08 | Deep Dive |
| CVE-2024-0831 | Vault May Expose Sensitive Information When Configuring An Audit Log Device | HashiCorp | Vault | Medium | 4.5 | 2024-02-01 01:41:34 | Deep Dive |
| CVE-2024-20924 | Oracle Audit Vault and Database Firewall 安全漏洞 | Oracle Corporation | Audit Vault and Database Firewall | High | 7.6 | 2024-01-16 21:41:16 | Deep Dive |
| CVE-2024-20910 | Oracle Audit Vault and Database Firewall 安全漏洞 | Oracle Corporation | Audit Vault and Database Firewall | Low | 3.0 | 2024-01-16 21:41:14 | Deep Dive |
| CVE-2024-20912 | Oracle Audit Vault and Database Firewall 安全漏洞 | Oracle Corporation | Audit Vault and Database Firewall | Low | 2.7 | 2024-01-16 21:41:14 | Deep Dive |
| CVE-2023-6337 | Vault May be Vulnerable to a Denial of Service Through Memory Exhaustion When Handling Large HTTP Requests | HashiCorp | Vault | High | 7.5 | 2023-12-08 21:12:32 | Deep Dive |
| CVE-2023-5954 | Vault Requests Triggering Policy Checks May Lead To Unbounded Memory Consumption | HashiCorp | Vault | Medium | 5.9 | 2023-11-09 20:13:49 | Deep Dive |