3 matches found
CVE-2026-39388 vulnerabilities
Vulnerabilities for packages: openbao...
CVE-2026-39388 vulnerabilities
Vulnerabilities for packages: openbao...
CVE-2026-39388 OpenBao's Certificate Authentication Allows Token Renewal With Different Certificate
OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, OpenBao's Certificate authentication method, when a token renewal is requested and disablebinding=true is set, attempts to verify the current request's presented mTLS certificate matches the original. Toke...