All 3 CVE vulnerabilities found in Tooling, with AI-generated Chinese analysis, references, and POCs.
Vendor: HashiCorp
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-4660 | Go-getter may allow to arbitrary filesystem reads through git operations CWE-200 | 7.5 | High | 2026-04-09 |
| CVE-2025-13357 | Vault Terraform Provider Applied Incorrect Defaults for LDAP Auth Method CWE-1188 | 7.4 | High | 2025-11-21 |
| CVE-2025-1293 | HashiCorp Hermes Improperly Validates AWS ALB JWTs, which May Lead to Authentication Bypass CWE-1390 | 8.2 | High | 2025-02-20 |
All 3 known CVE vulnerabilities affecting Tooling with full Chinese analysis, references, and POCs where available.