Lucene search
K

42 matches found

EUVD
EUVD
added yesterday4 views

EUVD-2026-42367

Bitwarden Server before 2026.6.0 does not verify that the email in a POST /auth-requests/admin-request body belongs to the authenticated caller, allowing a low-privileged organization member to obtain another user's vault key and a victim-scoped access token by creating a Trusted Device Encryptio...

9.3CVSS6AI score
Exploits0References6
NVD
NVD
added yesterday3 views

CVE-2026-60104

Bitwarden Server before 2026.6.0 does not verify that the email in a POST /auth-requests/admin-request body belongs to the authenticated caller, allowing a low-privileged organization member to obtain another user's vault key and a victim-scoped access token by creating a Trusted Device Encryptio...

9.3CVSS
Exploits0References5
Cvelist
Cvelist
added yesterday5 views

CVE-2026-60104 Bitwarden Server < 2026.6.0 Authorization Bypass via Admin Auth Request

Bitwarden Server before 2026.6.0 does not verify that the email in a POST /auth-requests/admin-request body belongs to the authenticated caller, allowing a low-privileged organization member to obtain another user's vault key and a victim-scoped access token by creating a Trusted Device Encryptio...

9.3CVSS
Exploits0References5
CVE
CVE
added yesterday6 views

CVE-2026-60104

Bitwarden Server before 2026.6.0 is vulnerable to an authorization bypass in the admin/auth request flow. A low-privileged organization member can exploit a mismatch in the POST /auth-requests/admin-request handling to bind a Trusted Device Encryption request to an attacker-controlled public key,...

9.3CVSS6AI score
Exploits0References5
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-46590 Apache Camel: Camel-PQC: The HashiCorp Vault and AWS Secrets Manager key-lifecycle managers deserialize persisted key metadata with java.io.ObjectInputStream and no ObjectInputFilter (incomplete remediation of CVE-2026-40048)

Deserialization of Untrusted Data vulnerability in Apache Camel PQC component. The camel-pqc component persists post-quantum key metadata KeyMetadata through pluggable KeyLifecycleManager implementations. HashicorpVaultKeyLifecycleManager and AwsSecretsManagerKeyLifecycleManager read that metadat...

0.00381EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/27 4:13 a.m.46 views

SUSE CVE-2023-43630

PCR14 is not in the list of PCRs that seal/unseal the “vault” key, but due to the change that was implemented in commit “7638364bc0acf8b5c481b5ce5fea11ad44ad7fd4”, fixing this issue alone would not solve the problem of the config partition not being measured correctly. Also, the “vault” key is...

8.8CVSS7.3AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/27 4:13 a.m.47 views

SUSE CVE-2023-43634

When sealing/unsealing the “vault” key, a list of PCRs is used, which defines which PCRs are used. In a previous project, CYMOTIVE found that the configuration is not protected by the secure boot, and in response Zededa implemented measurements on the config partition that was mapped to PCR 13. I...

8.8CVSS7.3AI score0.00161EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/18 12:0 a.m.7 views

Juju 安全漏洞

Juju is a canonical Juju open-source application orchestration engine. Versions of Juju from 3.1.6 to 3.6.18 have security vulnerabilities. These vulnerabilities stem from an authorization bypass in the Vault key backend implementation, which may allow authenticated unit agents to execute...

7.6CVSS6.5AI score0.00166EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/03/12 10:0 a.m.4 views

SUSE CVE-2023-43637

Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key would always have the last 16 bytes predetermined to be "arfoobarfoobarfo". This issue happens because "deriveVaultKey" calls "retrieveCloudKey" which will always return "foobarfoobarfoobarfoobarfoobarfo...

7.8CVSS5.8AI score0.00134EPSS
Exploits0References3
OSV
OSV
added 2026/02/17 6:9 p.m.4 views

GO-2026-4436 EVE Has Partially Predetermined Vault Key in github.com/lf-edge/eve

EVE Has Partially Predetermined Vault Key in github.com/lf-edge/eve...

7.8CVSS5.4AI score0.00134EPSS
Exploits0References5
OSV
OSV
added 2026/02/17 6:9 p.m.5 views

GO-2026-4434 EVE Seals Vault Key With SHA1 PCRs in github.com/lf-edge/eve

EVE Seals Vault Key With SHA1 PCRs in github.com/lf-edge/eve...

8.8CVSS5.4AI score0.0011EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/02/04 11:21 p.m.14 views

EVE Has Partially Predetermined Vault Key

Impact The deriveVaultKey function calls retrieveCloudKey which always returns "foobarfoobarfoobarfoobarfoobarfo". When merged with the randomly generated 32-byte key using mergeKeys 16 bytes from each, the last 16 bytes are always "arfoobarfoobarfo". This enables an attacker with physical access...

7.8CVSS7.2AI score0.00134EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/02/04 11:21 p.m.3 views

GHSA-G7VP-J25F-H34P EVE Has Partially Predetermined Vault Key

Impact The deriveVaultKey function calls retrieveCloudKey which always returns "foobarfoobarfoobarfoobarfoobarfo". When merged with the randomly generated 32-byte key using mergeKeys 16 bytes from each, the last 16 bytes are always "arfoobarfoobarfo". This enables an attacker with physical access...

6.7CVSS5.3AI score0.00134EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/02/04 11:12 p.m.8 views

EVE Seals Vault Key With SHA1 PCRs

Impact The vault key is sealed using SHA1 PCRs instead of SHA256 PCRs Thus an attacker with physical access to an EVE-OS device can try to brute force creating a kernel or rootfs image which produces the same SHA1 PCR but with malicious content. Patches Fixed in 9.4.3-lts and 10.1.0 Workarounds N...

8.8CVSS7.8AI score0.0011EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/02/04 11:12 p.m.1 views

GHSA-4JVR-VJ2C-8Q37 EVE Seals Vault Key With SHA1 PCRs

Impact The vault key is sealed using SHA1 PCRs instead of SHA256 PCRs Thus an attacker with physical access to an EVE-OS device can try to brute force creating a kernel or rootfs image which produces the same SHA1 PCR but with malicious content. Patches Fixed in 9.4.3-lts and 10.1.0 Workarounds N...

6.7CVSS5.3AI score0.0011EPSS
Exploits0References5
Snyk
Snyk
added 2026/02/04 9:38 p.m.4 views

Insecure Storage of Sensitive Information

Overview Affected versions of this package are vulnerable to Insecure Storage of Sensitive Information when sealing/unsealing the “vault” key. An attacker can gain unauthorized access to sensitive configuration data and modify system settings by physically removing the disk, altering files on...

8.8CVSS7.9AI score0.00161EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/04 8:43 p.m.4 views

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials due to the use of SHA1 PCRs when sealing and unsealing the vault key. An attacker can bypass integrity checks and modify configuration files undetected by measured boot and remote attestation by...

8.8CVSS8AI score0.00107EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/04 8:43 p.m.6 views

EUVD-2023-48030

EVE Doesn't Measure Config Partition From 2 Fronts...

8.8CVSS8AI score0.00107EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.9 views

PT-2026-6361

Impact The vault key is sealed using SHA1 PCRs instead of SHA256 PCRs Thus an attacker with physical access to an EVE-OS device can try to brute force creating a kernel or rootfs image which produces the same SHA1 PCR but with malicious content. Patches Fixed in 9.4.3-lts and 10.1.0 Workarounds N...

8.8CVSS5.4AI score0.0011EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.10 views

PT-2026-6461

Impact PCR14 is not included in the list of PCRs that seal/unseal the vault key. Additionally, the vault key uses SHA1 PCRs instead of SHA256. Thus an attacker with physical access can take out the disk, use a different computer to modify the files in the /config partition, and re-insert the disk...

8.8CVSS5.5AI score0.00107EPSS
Exploits0References8
Rows per page
Query Builder