Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5 matches found

Veracode
Veracodeadded 2025/08/29 5:22 p.m.2 views

Privilege Escalation

github.com/openbao/openbao is vulnerable to Privilege Escalation. The vulnerability is due to accounts with access to privileged identity entity systems in root namespaces being able to escalate privileges to the global root policy...

7.2CVSS6.9AI score0.00077EPSS
Exploits0References5Affected Software2
SUSE CVE
SUSE CVEadded 2025/08/11 11:22 p.m.1 views

SUSE CVE-2025-54996

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, accounts with access to highly-privileged identity entity systems in root namespaces were able to increase their scope directly to...

7.2CVSS6.7AI score0.00077EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/08/11 2:30 a.m.8 views

CVE-2025-54996

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, accounts with access to highly-privileged identity entity systems in root namespaces were able to increase their scope directly to...

7.2CVSS6.6AI score0.00077EPSS
Exploits0References1
OSV
OSVadded 2025/08/09 1:32 a.m.8 views

CVE-2025-54996 OpenBao Root Namespace Operator May Elevate Token Privileges

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, accounts with access to highly-privileged identity entity systems in root namespaces were able to increase their scope directly to...

7.2CVSS6.4AI score0.00077EPSS
Exploits0References5
CVE
CVEadded 2025/08/09 1:32 a.m.28 views

CVE-2025-54996

CVE-2025-54996 — OpenBao root namespace privilege escalation. OpenBao versions 2.3.1 and earlier allow accounts with access to highly-privileged identity entity systems in the root namespace to directly elevate scope to the root policy. The identity system can add policies that grant capabilities...

7.2CVSS6.5AI score0.00077EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder