CVE-2026-26012 PoC — Vaultwarden 安全漏洞

Source

https://github.com/Dulieno/CVE-2026-26012

Associated Vulnerability

Title:Vaultwarden 安全漏洞 (CVE-2026-26012)
Description:Vaultwarden是Daniel García个人开发者的一个用 Rust 编写的 Bitwarden 服务器 API 的替代实现。 vaultwarden 1.35.3之前版本存在安全漏洞，该漏洞源于端点/ciphers/organization-details访问控制不当，可能导致组织成员检索组织内的所有密码。

Description

CVE-2026-26012 — Proof of Concept Vaultwarden — Full Cipher Enumeration Ignoring Organization Collection Permissions

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!