Vault — Vulnerabilities & Security Advisories 37

All 37 CVE vulnerabilities found in Vault, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Paused
CVE-2026-5807	Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations CWE-770	7.5	High	2026-04-17
CVE-2026-4525	Vault Token Leaked to Backends via Authorization: Bearer Passthrough Header CWE-201	7.5	High	2026-04-17
CVE-2026-5052	Vault Vulnerable to Server-Side Request Forgery in ACME Challenge Validation via Attacker-Controlled DNS CWE-918	5.3	Medium	2026-04-17
CVE-2026-3605	Vault KVv2 Metadata and Secret Deletion Policy Bypass Denial-of-Service CWE-288	8.1	High	2026-04-17
CVE-2025-12044	Vault Vulnerable to Denial of Service Due to Rate Limit Regression CWE-770	7.5	High	2025-10-23
CVE-2025-11621	Vault AWS auth method bypass due to AWS client cache CWE-288	8.1	High	2025-10-23
CVE-2025-6203	Vault unauthenticated denial of service through complex json payload CWE-770	7.5	High	2025-08-28
CVE-2025-6013	Vault LDAP MFA Enforcement Bypass When Using Username As Alias CWE-156	6.5	Medium	2025-08-06
CVE-2025-6015	Vault Login MFA Bypass of Rate Limiting and TOTP Code Reuse CWE-307	5.7	Medium	2025-08-01
CVE-2025-6011	Timing Side-Channel in Vault’s Userpass Auth Method CWE-203	3.7	Low	2025-08-01
CVE-2025-6004	Vault Userpass and LDAP User Lockout Bypass CWE-307	5.3	Medium	2025-08-01
CVE-2025-6037	Vault Certificate Auth Method Did Not Validate Common Name For Non-CA Certificates CWE-295	6.8	Medium	2025-08-01
CVE-2025-6014	Vault TOTP Secrets Engine Code Reuse CWE-156	6.5	Medium	2025-08-01
CVE-2025-6000	Arbitrary Remote Code Execution via Plugin Catalog Abuse CWE-94	9.1	Critical	2025-08-01
CVE-2025-5999	Vault Root Namespace Operator May Elevate Token Privileges CWE-266	7.2	High	2025-08-01
CVE-2025-4656	Vault Vulnerable to Recovery Key Cancellation Denial of Service CWE-1088	3.1	Low	2025-06-25
CVE-2025-3879	Vault’s Azure Authentication Method bound_location Restriction Could be Bypassed on Login CWE-863	6.6	Medium	2025-05-02
CVE-2025-4166	Vault May Include Sensitive Data in Error Logs When Using the KV v2 Plugin CWE-209	4.5	Medium	2025-05-02
CVE-2024-8185	Vault Vulnerable to Denial of Service When Processing Raft Join Requests CWE-636	7.5	High	2024-10-31
CVE-2024-9180	Vault Operators in Root Namespace May Elevate Their Privileges CWE-266	7.2	High	2024-10-10
CVE-2024-7594	Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default CWE-732	7.5	High	2024-09-26
CVE-2024-8365	Vault Leaks AppRole Client Tokens And Accessor in Audit Log CWE-532	6.2	Medium	2024-09-02
CVE-2024-6468	Vault Vulnerable to Denial of Service When Setting a Proxy Protocol Behavior CWE-703	7.5	High	2024-07-11
CVE-2024-5798	Vault Incorrectly Validated JSON Web Tokens (JWT) Audience Claims CWE-287	2.6	Low	2024-06-12
CVE-2024-2660	Vault TLS Cert Auth Method Did Not Correctly Validate OCSP Responses CWE-636	6.4	Medium	2024-04-04
CVE-2024-2048	Vault Cert Auth Method Did Not Correctly Validate Non-CA Certificates CWE-295	8.1	High	2024-03-04
CVE-2024-0831	Vault May Expose Sensitive Information When Configuring An Audit Log Device CWE-532	4.5	Medium	2024-02-01
CVE-2023-6337	Vault May be Vulnerable to a Denial of Service Through Memory Exhaustion When Handling Large HTTP Requests CWE-770	7.5	High	2023-12-08
CVE-2023-5954	Vault Requests Triggering Policy Checks May Lead To Unbounded Memory Consumption CWE-401	5.9	Medium	2023-11-09
CVE-2023-5077	Vault's Google Cloud Secrets Engine Removed Existing IAM Conditions When Creating / Updating Rolesets CWE-266	7.6	High	2023-09-28

All 37 known CVE vulnerabilities affecting Vault with full Chinese analysis, references, and POCs where available.

Support Us — Your donation helps us keep running

Vault — Vulnerabilities & Security Advisories 37